For today’s enterprise on a digital transformation journey, there are four essential pillars of Physical Identity Access Management (PIAM) to consider:
- Converged cyber-physical onboarding and offboarding
- Self-service access request across the enterprise
- Automated physical access reviews and re-certification
- Identity Intelligence and risk scoring
1. Converged Cyber-Physical Onboarding and Offboarding
Immediate benefits arise from linking the most obviously siloed sources of identity information. Connecting the Human Resources Management System (HR) with the Physical Access Control System (PACS) delivers immediate integration value and allows managers to make timely, informed decisions about facility or corporate access requests based on job role, function and relevance.
Another opportunity lies in linking PACS with the IT directories that track who has access to corporate applications and resources such as the network, email, messaging and databases. Examples include LDAP (Lightweight Directory Access Protocol) directories and Active Directory (AD).
Creating this connection delivers visibility into an individual’s role in the organization, their job function, the amount of facility access they need to do their job, and the amount of system or application access and authorization they need to be productive while adhering to security policies.
True Threat Prevention in Action
The power of security convergence is most evident when it automates and detects seamlessly across more than one domain, such as IT and physical security. Consider this real-world scenario: a utilities company employee enters the company via the main lobby, takes the elevator to his floor and “badges in” to gain access through that level’s main door. He proceeds to his desk and signs into the company network to access his email. At the same time, someone else is using the identical access credentials remotely via a VPN (Virtual Private Network). He cannot be on site and remote at the same time. A converged cyber-physical PIAM platform detects the external intrusion by automatically identifying the access anomaly and allows security to disable access immediately, preventing a potential threat.
True Prevention – Converged IAG | NERC-CIP Compliance | Centralized way to disable ALL access
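The anomaly in the scenario above, as an added example that is not part of the article or of any vendor product: a small Python correlation over a constructed, merged feed of PACS badge events and VPN authentication events. It flags an identity that is badged on site when a remote VPN login arrives (or badges in while a remote VPN session is still active). The CSV layout, the shared identity key, the door names and the client addresses are all assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

# Constructed sample feed (not from the article): PACS badge events and VPN
# authentication events merged into one stream.
# Columns: timestamp, domain, identity, action, door-name-or-client-address
SAMPLE_EVENTS = """\
2024-05-06T08:02:11,pacs,jdoe,badge_in,HQ-L3-main-door
2024-05-06T08:10:45,pacs,asmith,badge_in,HQ-L2-main-door
2024-05-06T08:40:02,vpn,jdoe,login,203.0.113.7
2024-05-06T09:00:30,vpn,bjones,login,198.51.100.23
2024-05-06T17:30:12,pacs,asmith,badge_out,HQ-lobby-exit
2024-05-06T19:05:00,vpn,asmith,login,198.51.100.9
2024-05-07T08:15:00,pacs,cwu,badge_in,HQ-L1-main-door
2024-05-07T22:30:00,vpn,cwu,login,192.0.2.44
"""


@dataclass(frozen=True)
class Event:
    ts: datetime
    domain: str    # "pacs" or "vpn"
    identity: str  # identity key shared by both systems (assumed: the HR employee id)
    action: str    # pacs: badge_in / badge_out; vpn: login / logout
    where: str     # pacs: door name; vpn: client source address


@dataclass(frozen=True)
class Alert:
    identity: str
    ts: datetime
    door: str
    vpn_source: str
    reason: str


def parse_events(text: str) -> list:
    """Parse the CSV feed and return the events in time order."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, domain, identity, action, where = line.split(",")
        events.append(Event(datetime.fromisoformat(ts), domain, identity, action, where))
    return sorted(events, key=lambda e: e.ts)


# A badge-in with no matching badge-out (tailgating out, fire exit) must not keep
# someone "on site" forever; after this long the presence record is treated as stale.
PRESENCE_TTL = timedelta(hours=12)


def find_presence_conflicts(events, ttl=PRESENCE_TTL) -> list:
    """Flag identities that are badged on site and authenticating remotely at once."""
    on_site = {}     # identity -> (badge-in time, door)
    vpn_active = {}  # identity -> (login time, client source)
    alerts = []
    for e in events:
        if e.domain == "pacs":
            if e.action == "badge_in":
                on_site[e.identity] = (e.ts, e.where)
                if e.identity in vpn_active:
                    login_ts, src = vpn_active[e.identity]
                    if e.ts - login_ts <= ttl:
                        alerts.append(Alert(e.identity, e.ts, e.where, src,
                                            "badge-in while a remote VPN session is active"))
                    else:
                        vpn_active.pop(e.identity)  # stale session record, drop it
            elif e.action == "badge_out":
                on_site.pop(e.identity, None)
        elif e.domain == "vpn":
            if e.action == "login":
                vpn_active[e.identity] = (e.ts, e.where)
                if e.identity in on_site:
                    in_ts, door = on_site[e.identity]
                    if e.ts - in_ts <= ttl:
                        alerts.append(Alert(e.identity, e.ts, door, e.where,
                                            "remote VPN login while badged on site"))
                    else:
                        on_site.pop(e.identity)  # stale presence record, drop it
            elif e.action == "logout":
                vpn_active.pop(e.identity, None)
    return alerts


if __name__ == "__main__":
    for a in find_presence_conflicts(parse_events(SAMPLE_EVENTS)):
        print(f"{a.ts} {a.identity}: {a.reason} (door={a.door}, vpn source={a.vpn_source})")
```

On the constructed feed only jdoe is flagged: asmith badged out before logging in remotely, bjones never badged in, and cwu's badge-in is older than the 12-hour presence window when the VPN login arrives. The check is only possible because both feeds carry the same identity key, which is precisely the HR-to-PACS-to-directory linkage this section describes; without it the two events cannot be joined at all.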
2. Self Service Access
Does your organization currently send separate manual access requests to each department and then wait for what seems like an eternity before each department responds? Do requests for supporting information sometimes stay in those departments and never get back to the requestor? You’re not alone. This outdated approach is time-wasting, unproductive and leaves security in limbo. Self-service access capabilities empower your users, managers and area owners and reduce the burden on security staff so they can focus on critical areas. The system automates the tedious task of collecting information related to access requests. The requestor receives an acknowledgement followed by a confirmation. Automated workflow capabilities notify managers quickly so they can approve access and keep staff on task and productive. It’s fast and secure.
3. Automated Physical Access Reviews and Re-Certification
Periodic access review and re-certification has been an audit mainstay in the IT world. However, it is often overlooked when it comes to decisions regarding physical access. Change is constant across the modern workforce’s ‘hire-to-retire’ journey. As each employee and contractor reaches new milestones within that journey (promotions, location changes, education and training), it’s important to automate the periodic review of their roles, access and security policies before additional access is granted. This prevents ‘access creep’, ensures that access previously granted is still valid, and re-certifies it against your most up-to-date security policies and compliance standards.
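One way to run the review described above, as an added example that is not the article’s or any product’s code: given the PACS grants, each holder’s current HR status and role, and a role-to-area policy, produce the list of grants to revoke (holder no longer active, or area no longer permitted for the current role, which is the ‘access creep’ case) and the grants whose last certification is older than the review period. All names, areas, roles and dates are constructed.

```python
from datetime import date, timedelta

# Constructed data (not from the article). In a deployment the role and status come
# from the HR system, the grants from the PACS, and the role-to-area policy from
# the PIAM tool's policy store.
ROLE_AREAS = {
    "control_room_operator": {"hq-general", "control-room"},
    "field_technician": {"hq-general", "substation-yard"},
    "hr_analyst": {"hq-general", "hr-records"},
}

IDENTITIES = {
    "jdoe": {"role": "hr_analyst", "status": "active"},             # moved out of field work
    "asmith": {"role": "control_room_operator", "status": "active"},
    "cwu": {"role": "field_technician", "status": "terminated"},
}

# (identity, area, date granted, date last certified)
GRANTS = [
    ("jdoe", "hq-general", date(2023, 1, 10), date(2024, 1, 10)),
    ("jdoe", "substation-yard", date(2023, 1, 10), date(2024, 1, 10)),  # left over from old role
    ("asmith", "control-room", date(2022, 6, 1), date(2023, 3, 1)),     # review overdue
    ("asmith", "hq-general", date(2024, 2, 1), date(2024, 2, 1)),
    ("cwu", "substation-yard", date(2023, 3, 3), date(2024, 3, 3)),     # holder terminated
]

REVIEW_PERIOD = timedelta(days=365)


def review_grants(grants, identities, role_areas, today, period=REVIEW_PERIOD):
    """Return (identity, area, action) findings for every grant that needs attention.

    Checks run in order of severity: an inactive holder is revoked regardless of
    role, then a role/area mismatch is revoked, and only a still-valid grant is
    considered for routine re-certification.
    """
    findings = []
    for ident, area, _granted, last_cert in grants:
        person = identities.get(ident)
        if person is None or person["status"] != "active":
            findings.append((ident, area, "revoke: identity not active in HR"))
        elif area not in role_areas.get(person["role"], set()):
            findings.append((ident, area, "revoke: not permitted for current role"))
        elif today - last_cert > period:
            findings.append((ident, area, "recertify: last review older than period"))
    return findings


if __name__ == "__main__":
    for ident, area, action in review_grants(GRANTS, IDENTITIES, ROLE_AREAS, date(2024, 5, 6)):
        print(f"{ident:8} {area:16} {action}")
```

Run against the constructed data on 2024-05-06 the review returns three findings: jdoe’s substation-yard grant (role changed), asmith’s control-room grant (last certified more than a year ago) and cwu’s grant (holder terminated); jdoe’s and asmith’s hq-general grants pass. Re-certification is then a manager’s decision on the third kind of finding, while the first two are candidates for automatic removal.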
4. Identity Intelligence and Risk Scoring
The combined categories of employees, contractors, vendors and visitors who have been granted access to the organization at any given point in time comprise the badged population. Security managers need to know just how large this population is, what risks it poses to the enterprise and how to mitigate them. Incorporating risk scoring and behavior patterns into an identity profile allows for proactive risk analysis before granting or removing access.
Identity Intelligence technology is powered by artificial intelligence and machine learning in combination with an active, rules-based policy enforcement engine to reveal critical risk insights. For example, John Q is a control room worker who has been following a steady shift pattern of working 9-5, Monday through Friday. He suddenly starts showing up at midnight on a Saturday and uses his work badge to access a secure area. The deviation from the pattern of 9-5 on weekdays and the exception to the rules (people with John’s role should not be accessing a room that stores critical assets) set off an automated series of alerts to management stakeholders, including security personnel.
Automatically baselining identity profiles allows Identity Intelligence technology to sort quickly through millions of events, detecting anomalies and trends so that potential malicious behavior and policy violations get an effective response.
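The John Q scenario above, as an added example that is not the article’s or any product’s code: a Python baseline built from a constructed month of badge events, a scoring function that combines behavioral deviations (hour, weekday and area never seen for that identity) with a rules-based role-to-area policy check, and an alert threshold. The weights, threshold, minimum history length and role policy are all assumptions chosen for illustration; a production engine would use wider time windows and a learned model rather than exact hour buckets.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta


def build_history():
    """Constructed history (not from the article): John Q badges onto the control-room
    floor every weekday in May 2024 at the start of shift and after lunch."""
    history = []
    day = datetime(2024, 5, 1)
    while day.month == 5:
        if day.weekday() < 5:  # Monday..Friday
            history.append(("johnq", "control-room-floor", day.replace(hour=8, minute=55)))
            history.append(("johnq", "control-room-floor", day.replace(hour=12, minute=40)))
        day += timedelta(days=1)
    return history


HISTORY = build_history()

# Rules side (constructed): which areas each role may enter, and each identity's role.
ROLE_POLICY = {"control_room_worker": {"control-room-floor", "break-area"}}
IDENTITY_ROLE = {"johnq": "control_room_worker"}


def build_baseline(history):
    """Per-identity counts of the badge hours, weekdays and areas seen in the history."""
    baseline = defaultdict(lambda: {"hours": Counter(), "weekdays": Counter(),
                                    "areas": Counter(), "n": 0})
    for ident, area, ts in history:
        b = baseline[ident]
        b["hours"][ts.hour] += 1
        b["weekdays"][ts.weekday()] += 1
        b["areas"][area] += 1
        b["n"] += 1
    return baseline


def score_event(ident, area, ts, baseline, role_policy=ROLE_POLICY,
                identity_role=IDENTITY_ROLE, min_history=20):
    """Risk score and reasons for one badge event: behavioral deviations plus policy rules."""
    score, reasons = 0, []
    b = baseline.get(ident)  # .get() does not create an entry for an unknown identity
    if b is None or b["n"] < min_history:
        # A brand-new badge holder has no pattern to deviate from; only the rules apply.
        reasons.append("insufficient history, behavioral scoring skipped")
    else:
        if b["hours"][ts.hour] == 0:
            score += 30
            reasons.append(f"hour {ts.hour:02d} not seen in baseline")
        if b["weekdays"][ts.weekday()] == 0:
            score += 20
            reasons.append(f"weekday {ts.strftime('%a')} not seen in baseline")
        if b["areas"][area] == 0:
            score += 20
            reasons.append(f"area {area} not seen in baseline")
    allowed = role_policy.get(identity_role.get(ident), set())
    if area not in allowed:
        score += 50
        reasons.append(f"policy: role may not enter {area}")
    return score, reasons


ALERT_THRESHOLD = 60


def evaluate(events, baseline, threshold=ALERT_THRESHOLD):
    """Return (identity, area, time, score, reasons) for events that reach the threshold."""
    alerts = []
    for ident, area, ts in events:
        score, reasons = score_event(ident, area, ts, baseline)
        if score >= threshold:
            alerts.append((ident, area, ts, score, reasons))
    return alerts


if __name__ == "__main__":
    base = build_baseline(HISTORY)
    # Constructed new events: a normal shift start and the midnight Saturday visit.
    new_events = [
        ("johnq", "control-room-floor", datetime(2024, 6, 4, 8, 50)),
        ("johnq", "critical-asset-store", datetime(2024, 6, 8, 0, 5)),
    ]
    for ident, area, ts, score, reasons in evaluate(new_events, base):
        print(f"ALERT {ts} {ident} -> {area} score={score}: {'; '.join(reasons)}")
```

The Saturday-midnight event scores 120 (unseen hour, unseen weekday, unseen area and a policy violation), while a Tuesday shift start scores 0 and a first visit to the permitted break area scores only 20 and produces no alert. Keeping the rules check separate from the behavioral score matters for the last case: a policy violation alone clears the threshold even for an identity with no history, while an unusual but permitted pattern is recorded without waking anyone up.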
NEXT STEPS
Enterprise Guardian software incorporates all four essential components of effective PIAM, allowing you to turn PIAM into a true business enabler.
Wherever you are in your PIAM journey, there’s no better time to step into the future of identity. Connect with our identity and security convergence experts to discuss your next steps.