Big Bad Scary Data Issues

March 4th, 2009 by Lois Melbourne

Layoffs and reorganizations can wreak havoc on the documentation you keep for compliance, such as the "who owns what" records that the FDA and SOX require. Ownership is changing rapidly, and the documentation may not be keeping up. Yet the regulators are scrutinizing it even more closely for that very reason. There is a scarier data issue, though: identity management.

Even in good times, terminated employees keep working login credentials to some systems for 30 days on average (Forrester study). Identity management systems and the outlying security administrators may not be able to keep pace with layoffs and reorganizations. Even if IT is pulling double or triple duty to make sure that terminated employees have been locked out of your systems, can they keep up with the people reorganized within the company and their new roles? Is the person who was moved from purchasing to the inventory control department removed from access to the purchasing system?

Without the ability to visually inspect the login credentials of individuals and see which groups of people or positions are assigned to which systems, the task becomes daunting and highly inaccurate. Both speed and accuracy are critical in this process. I have seen identity management handled very well, however, and have a few recommendations.

Top Tips I see working well:

  • Overlay the identity management data upon the corporate org chart to visualize the logic of a position’s access to the corporate systems.
  • Build business rules (or review your existing ones) to ensure separation of duties. For example, access to an inventory system should not overlap with access to purchasing systems, and DBAs should not also hold access to that same system's security or identity management.
  • Require individuals to justify their need for access to any systems that management questions. Mass email requests to these groups can be automated.
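The three tips above amount to a reconciliation: compare what the org chart says a position should hold against what each login actually holds, apply separation-of-duties rules, and turn the findings into justification requests. The script below is an added illustration, not code from the original post or from any product; the HR feed, access feed, department-to-system map and SoD rules are all constructed, and a real run would pull them from your HRIS and from each system's account list.

```python
"""Reconcile HR position data against system access after a layoff/reorg.

Added example, not code from the original post. Every record, system name
and rule below is constructed for illustration.
"""
from dataclasses import dataclass
from datetime import date
from typing import Dict, List, Optional, Set, Tuple


@dataclass(frozen=True)
class Person:
    user: str
    department: str                 # department on the current org chart
    active: bool                    # False once HR records the termination
    term_date: Optional[date] = None


# Constructed HR feed as it stands after the reorganization.
HR: List[Person] = [
    Person("alice", "purchasing", True),
    Person("bob", "inventory", True),                       # moved from purchasing
    Person("carol", "it", True),
    Person("dave", "inventory", False, date(2009, 2, 27)),  # laid off
    Person("erin", "inventory", True),
]

# Constructed access feed: entitlements each login still holds.
ACCESS: Dict[str, Set[str]] = {
    "alice": {"purchasing", "email"},
    "bob":   {"inventory", "purchasing"},   # old purchasing grant never revoked
    "carol": {"erp-dba", "iam-admin"},      # DBA who can also edit identities
    "dave":  {"inventory", "email"},        # terminated but still enabled
    "erin":  {"inventory"},
}

# Tip 1: the org-chart overlay. What a position in each department is
# expected to hold; anything beyond this is left over from a prior role.
DEPT_SYSTEMS: Dict[str, Set[str]] = {
    "purchasing": {"purchasing", "email"},
    "inventory":  {"inventory", "email"},
    "it":         {"erp-dba", "email"},
}

# Tip 2: entitlement pairs that must never sit on the same login.
SOD_RULES: List[Tuple[str, str]] = [
    ("inventory", "purchasing"),   # receives goods vs. orders them
    ("erp-dba", "iam-admin"),      # administers the DB vs. its identity store
]

AS_OF = date(2009, 3, 4)           # date of the review run (constructed)


def terminated_with_access(hr, access, as_of, grace_days=0):
    """Terminated people whose login still holds any entitlement more than
    grace_days after the termination date. Returns [(user, days_since)]."""
    found = []
    for p in hr:
        if p.active or not access.get(p.user):
            continue
        days = (as_of - p.term_date).days if p.term_date else None
        if days is None or days > grace_days:
            found.append((p.user, days))
    return sorted(found)


def orphaned_access(hr, access, dept_systems):
    """Active people holding entitlements their current department does not
    need: the 'moved to inventory, still has purchasing' case."""
    result = {}
    for p in hr:
        if not p.active:
            continue                    # covered by terminated_with_access
        expected = dept_systems.get(p.department, set())
        extra = access.get(p.user, set()) - expected
        if extra:
            result[p.user] = extra
    return result


def sod_violations(access, rules):
    """Logins that hold both halves of a separation-of-duties rule."""
    hits = []
    for user, grants in sorted(access.items()):
        for a, b in rules:
            if a in grants and b in grants:
                hits.append((user, (a, b)))
    return hits


def justification_requests(hr, access, dept_systems, rules):
    """Tip 3: per-user list of entitlements to ask them to justify
    (orphaned grants plus both sides of any SoD conflict). Hand this to
    your mail merge; nothing is sent from here."""
    todo: Dict[str, Set[str]] = {}
    for user, extra in orphaned_access(hr, access, dept_systems).items():
        todo.setdefault(user, set()).update(extra)
    for user, pair in sod_violations(access, rules):
        todo.setdefault(user, set()).update(pair)
    return {u: sorted(items) for u, items in sorted(todo.items())}


if __name__ == "__main__":
    print("terminated, still enabled:", terminated_with_access(HR, ACCESS, AS_OF))
    print("orphaned access:", orphaned_access(HR, ACCESS, DEPT_SYSTEMS))
    print("SoD violations:", sod_violations(ACCESS, SOD_RULES))
    print("justify:", justification_requests(HR, ACCESS, DEPT_SYSTEMS, SOD_RULES))
```

Two caveats a practitioner will hit immediately: a login that appears in the access feed with no HR record at all (a contractor, a shared account, a long-gone employee) is not caught by any of the checks above and needs its own report, and the department-to-system map is only as good as the org chart it is built from, which is exactly the documentation the first paragraph says is falling behind.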

Cheers,
Lois
