Identity & access management (IAM)

Solutions

Identity & access management (IAM)

Bring Identity Relationships under control

Managing and protecting sensitive customer, business, and personally identifiable information (PII) is increasingly complex and risky. Cyber criminals are trolling for vulnerabilities, and hacktivists are becoming highly skilled at exploiting identity-based data.

Meanwhile, the source of malicious attacks is just as likely to come from the inside, where poorly followed security practices can create holes for potential incursions. To maintain public and consumer trust and comply with regulations, organisations are pressed to strengthen identity and access management policies and processes.

How Deloitte can help?

Deloitte can help organisations in assessing and designing Identity & Access Management (IAM) strategy, organisation, processes and related solutions that provide:

  • Business Alignment by aligning user access rights with business responsibilities, while providing unique capabilities to track and manage the use of privileged user IDs
  • Risk Mitigation by enforcing security policies and standards across the enterprise (including business units, individual locations, and points of business partner and customer access)
  • Cost Control by reducing on-going user administration costs and time-to-productivity

Deloitte proposition overview

  • User Lifecycle Management – Point solutions or comprehensive assistance for assessing and improving user life cycle management processes
  • Access Review & Certification – Assess the organisation’s identity control framework and highlight key identity risks for its users, suppliers and customers
  • IAM Product Selection – Assistance in defining IAM requirements and selecting a suitable IAM vendor solution
  • Privileged Access Management – Assess and improve management of privileged accounts

Our approach & methodology

The strength of Deloitte’s IAM framework is its business process orientation. This includes understanding where organisations' digital identities live in enterprise, cloud, or siloed services, what they can access, and to which job functions and processes they correspond.
 

Contacts

Roland Bastin

Roland Bastin

Partner | Information & Technology Risk

Roland is a partner within the advisory and consulting department and joined the Risk Advisory practice of Deloitte in 2001. He is responsible for IT audit, IT security, IT regulatory compliance, Data... More

Stéphane Hurtaud

Stéphane Hurtaud

Partner | Information & Technology Risk

Stéphane is a partner within our Risk Advisory practice. He has over 21 years of experience in the IT risk, Information Security and IT audit fields, with a strong focus on the financial services indu... More

Maxime Verac

Maxime Verac

Senior Manager | Information & Technology Risk

Maxime Verac is a Senior Manager within Deloitte’s Information & Technology Risk services in Luxembourg. He has 11 years of experience in Information Security. During the last 11 years, as a consultan... More