Top 6 Identity Security Problems Overlooked by Companies – 3Columns In typical computing environments, an identity represents a one-to-one relationship between a carbon-based life and their digital presence. Their digital presence, however, can have multiple accounts, multiple credentials, and an infinite number of entitlements in electronic format. Consider the accounts associated with your personal identity and the myriad accounts associated with your corporate identity. These account names may be easily guessable if they are based on a simple template of your first initial and last name. On the other hand, they could be better obfuscated from a threat actor by using some form of patterned letters and numbers. An account name could also be a predefined alias like “administrator” and have a logical meaning to a resource, but not intrinsically known to anyone outside of you unless an audit or IGA certification is performed. It is considered an identity governance best practice to permanently map this identifier back to your identity by including you in a group like “administrators” versus you being the “administrator” itself.
Top Overlooked Identity Management Problems With that intro aside, let’s now consider the top 6 problems a CISO may experience. 1. Employees with the Same (or Similar) Names: If you have a common name (i.e. John Smith), you have inevitably encountered someone with the same name, or at least the same initials. Most corporate email addresses are based on first name and last name, in some combination. As an organization grows, it is likely you will have account name collisions. While most businesses avoid this by adding a middle initial or a number as a suffix, multiple entries in your global address list can make it difficult to find someone. A sender needs to inspect a user’s title and location to determine if they are the correct individual. Thus, truncating a person’s name for an account or email address can become a problem. And, the more you truncate the reference to their identity, the more problematic it becomes.