Identity ManagementAuthentication and Authorization TechnologiesIdeal forEnhancingCommercialGovernmentIntelligenceLegalHealthcareFinancialEducationUtilityComplex TechnologyIdentity and access management affects nearly every organization, to one degree or another. It is an exceptionally complex technical area, including identification, authentication, and authorization. A wide array of software and hardware solutions have grown to fill the technical needs defined by these concepts, the correct configuration of which being paramount to ensuring proper access to corporate systems and data.Identification refers to the need to validate a user’s identity, prior to the assignment of security credentials – including hardware tokens like smart cards, and logical tokens like usernames and passwords. The corporate processes around this function are frequently prone to social engineering attacks, for example helpdesk impersonation, and require regular testing and training to maintain proper control of security tokens.Authentication (AuthN) refers to the confirmation of a user’s identity to an automated system, including both physical (e.g., gates and turnstiles) and logical (e.g., computer networks and corporate applications) access. Public key infrastructure (PKI), hardware tokens, and biometric solutions are commonly implemented, to provide the higher assurance of multi-factor authentication. It’s true that AuthN solutions can be exceptionally complex, especially given the mobility and collaboration requirements of most large organizations. As a result, there are a significant number of security controls that must be assessed and validated to ensure that proper security posture is maintained across all physical and logical systems.Authorization (AuthZ) refers to the level of resource access granted to authenticated users, including both physical (e.g., room access) and logical (e.g., application and data) access. There are a number of different AuthZ concepts that may be suitable, given the level of assurance required – including discretionary access control (DAC), role-based access control (RBAC), and attribute-based access control (ABAC). The implementation and configuration of a suitable AuthZ solution requires extensive knowledge across multiple domains, and a deep understanding of corporate data handling goals. Regular security testing is also required.Extensive CapabilitiesAerstone’s service offerings in the IdAM and PKI space include:Security training and consultingMicrosoft Active Directory design, implementation, and migrationDesign metadirectory and virtual directory solutionsImplementation of HSPD-12 compliant PKI solutionsArchitecture of single sign-on (SSO) and reduced sign-on strategiesDesign and implementation of authorization strategies, including RBAC and ABAC modelsSecurity testing of PKI-enabled applications and websitesImplementation of identity federation solutionsOur Experience Sets Us ApartAerstone is an NSA-certified vulnerability assessor, and a service-disabled veteran-owned small business.We approach each engagement with the highest levels of professionalism, determination, and creativity, honed by years of working with security professionals across the military, intelligence community, civilian government, and private industry. Contact Us TodayMore ProductsPCI CompliancePCI Qualified Security Assessments for payment card acceptanceCMMC / DFARSCMMC Readiness Assessments for DoD Contractor CompaniesRed Flag RulesCompliance With FTC Identity Theft Legislation VIEW ALLLET'S TALKConnect with Aerstone's cybersecurity experts today.Let us know what you’re interested in and we’ll get back to you within 24 hours.Full Name *Email *Phone NumberWebsiteHow Can We Help? *LET'S GO!
