Identity and access management solutions are difficult to manage, so you need identity metrics to measure their performance effectively. People from other departments might not collaborate, or senior management is more technology-specific than employee-centric. Problems like these can crop up. In this article at CSO Online, John P. Mello Jr. shares identity metrics to help you measure IAM solution performance without any issue.
Importance of Identity Metrics
Notwithstanding the challenges companies face, IDC projects that market growth of IAM solutions has increased by 7 percent in 2019, i.e., $8 billion. Cybersecurity research director Jay Bretzmann remarks that 70 percent of organizations still depend on on-premise solutions. A rock-solid identity governance and administration (IGA) strategy can boost your identity procedures. For additional help, identity metrics can provide granular insights into your IAM solution performance. Here are the ten parameters you must follow:
A reset costs your company from $10 to $70, and some users change their passwords weekly and monthly. Keep a check on password resets using the metric.
The more credentials you have, the more shortcuts you want to take to remember them. It is one of the identity metrics that warns you of impending cybersecurity attacks when users start using common credentials.
Can your IAM system detect an orphan account when an employee leaves the company? BeyondTrust CTO Morey Haber warns, “They’re ripe for attack if they’re not controlled.” This metric reveals the number of uncorrelated accounts in the company.
Owned Resource Percentage
Adam Laub, CMO of Stealthbits, remarks that resources with no owner present to take care of them face the same threat as orphan accounts. Calculate the percentage of such random resources with this metric.
IAM tools must detect new accounts and analyze their access density. They should then forward a report to the help desk to give relevant access to the new user.
Avg. Time to Provision a User
The more time it takes to settle a new user, the less productivity you generate from the individual. It is one of the identity metrics to help you figure out if the IAM tool is sending timely usage reports.
Unowned Privileged Accounts
With privileged access management (PAM), you realize who used the privileged access and what they did with the password present in the vault.
Violation of Separation-of-duty
How many violations have your IAM system flagged in a month? These identity metrics convey if your solution is working fine.
Access Privilege Checks
Privileges are never utilized properly. Check if your IAM system can detect anomalies in access privileges across the company.
No. of Used Machine Identities
Venafi VP Kevin Bocek acknowledges the complexity when machines too access network resources. It is one of the identity metrics that help discover the number of machine identities logged into your company database.
To view the original article in full, click on the following link: https://www.csoonline.com/article/2129591/metrics-budgets-10-identity-management-metrics-that-matter.html