 |
In a recent webcast on Identity management for the retail sector, we asked attendees five poll questions to better understand their level of concern and the state of their capabilities for managing and governing user identities and access. It comes as no surprise that security continues to be top of mind for retailers. Ninety percent of our webcast attendees characterized security as a significant IT concern. Despite increased attention to data security and investment as a result of the very public breaches we saw in 2013 and 2014, half of our attendees still see data security as their top IT concern, while another 40% rank it as a key issue, though not quite at the top. While information security is a top priority, almost half of respondents do not have an Identity Governance and Administration (IGA) solution in place. This type of tool allows companies to govern access within an organization with policies, and automates access reviews, access requests and provisioning. An Identity Governance and Administration tool delivers business value and helps with cyber security. During the webcast, we reviewed five use cases where RSA’s IGA solution, RSA Identity Management and Governance (IMG), has helped retailers with challenges like monitoring access to point of sale (POS) systems, managing access for seasonal workers and contractors, removing unowned accounts, and streamlining account management at the store level. Another key takeaway from our webcast was the importance of a comprehensive data protection strategy. It’s more than just payment card information that’s of concern. When asked to choose between point of sale systems, loyalty systems, financial systems or file shares as the systems where there is currently the most concern about managing and securing access, most of our participants said that they are most concerned with managing access to file shares. This was eye-opening and a bit surprising, as we expected there to be more immediate concern with controlling POS or loyalty systems. However, this answer illustrates an important point. File shares, when unmanaged, are a true security challenge with an abundance of data and not a lot of control over access. With a system in place, it’s possible to govern these file shares right down to fine-grained entitlements to make sure that there are rules and policies around who can access them. It was exciting to see that both the understanding of security challenges and desire to improve capabilities continues to advance in the retail sector. To learn more about retail, identity and cyber security, you can watch the replay of our webcast “Force Cyber Criminals to Shop Elsewhere.” The post Taking the Pulse of Identity in Retail appeared first on Speaking of Security - The RSA Blog and Podcast. |
