Case Study #3: Technology & Product Review for Identity Governance & Administration
Case Study #3: Technology & Product Review for Identity Governance & Administration
Case Scenario:
North-by-East Software is a small but growing software development company. A recently completed risk assessment found that the company had very weak controls over the issuance and management of user ID’s and privileged accounts. The risk assessment recommended that the company implement two key controls to mitigate insider threats: least privilege and separation of duties. The risk assessment also highlighted the potential financial losses which could occur due to theft or disclosure of the company’s strategic plans and intellectual property. The company’s Chief Information Officer has recommended that an Identity Governance and Administration (IGA) product be purchased to help implement the required security controls.
As a member of the CIO’s team, you have been tasked to research, review, and recommend an IGA product which, at a minimum, will meet the company’s primary needs (controlling access, implementing least privilege, and ensuring separation of duties). Your product review and evaluation should include additional relevant features and characteristics which could help the company address and manage risks associated with insider threats.
Research:
Review the Week 5 readings
Choose an Identity Management or Identity Governance & Administration product which was mentioned in the readings. Research your chosen product using the vendor’s website and product information brochures.
Find three or more additional sources which provide reviews for (a) your chosen product or (b) general information about the characteristics of Identity Governance & Administration. Products.
Write:
Write a 3 page summary of your research. At a minimum, your summary must include the following:
1.An introduction or overview for the security technology category (Identity Governance & Administration).
2.A review of the features, capabilities, and deficiencies for your selected vendor and product.
3.Discussion of how the selected product could be used by your client to support its cybersecurity objectives by reducing risk, increasing resistance to threats/attacks, decreasing vulnerabilities, etc.
As you write your review, make sure that you address security issues using standard cybersecurity terminology (e.g. 5 Pillars IA, 5 Pillars Information Security, “governance,” etc.). See the resources listed under Week 1 and under Course Resources > Cybersecurity Concepts Review for definitions and terminology.
Formatting Instructions
Use standard APA formatting for the MS Word document that you submit to your assignment folder. Formatting requirements and examples are found under Course Resources > APA Resources.
Submit For Grading
Submit your case study in MS Word format (.docx or .doc file) using the Case Study #3:IGA Technology & Product Review assignment in your assignment folder. (Attach the file.)
Additional Information
1.There is no penalty for writing more than 3 pages but, clarity and conciseness are valued. If your essay is shorter than 3 pages, you may not have sufficient content to meet the assignment requirements (see the rubric).
2.You are expected to write grammatically correct English in every assignment that you submit for grading. Do not turn in any work without (a) using spell check, (b) using grammar check, (c) verifying that your punctuation is correct and (d) reviewing your work for correct word usage and correctly structured sentences and paragraphs.
3.You are expected to credit your sources using in-text citations and reference list entries. Both your citations and your reference list entries must comply with APA 6th edition Style requirements. Failure to credit your sources will result in penalties as provided for under the university’s Academic Integrity policy.
Answer preview to Case Study #3: Technology & Product Review for Identity Governance & Administration
APA
966 words
