We know how much of a necessity IAM is to a security program, however we often have difficulty convincing other departmental leaders and their teams of this. We both want to simplify, automate, and understand access, this is actually mutually beneficial
If you’ve built an IAM program you know just how hard it is to figure out who needs access to what, which rogue SaaS apps your company is using (hint it’s all of them), how many redundant apps there are, who owns which apps, and most importantly who has to much access making them a cushy target. To get a decent picture of what software inventory you have and how the current provisioning of access works. You will need to build direct relationships with key members from each department if not someone from every team at your company. How do you get this done, what strategies can you use to get them to open up and help you understand their workflows and the access problems that they face and how you can help each other.