The annual security review is a service from SoftwareIDM that provides an expert examination of the security posture of an Identity Panel deployment. SoftwareIDM performs at least the following security checks.
Primary Review Items
- Review that security roles have appropriate permissions
- Review Panel service account permissions, including explicit credentials
- Verify that stored credentials are properly protected and encrypted
- Verify that privileged accounts are protected with MFA
- Audit the frequency and performance of data scans
- Verify that all licensed providers are deployed, configured, and in use (identify missing providers)
- Audit for systems that should be monitored as part of the identity solution but are omitted
- Verify that security roles have appropriate owners
- Review PowerShell stored within Identity Panel
- Audit separation of duties features for Panel Service
- Examine password vaulting of Panel service credentials
- Examine security of email notification mechanisms
- Review certificate types for SSL connections to Identity Panel
- Review throttling, thresholds and other data protection limits
- Review health check configuration
- Verify that Panel Check is active and configured for notification
- Review business rule descriptions to ensure they match the code, and validate attestation of business rules
- Match current Identity Panel configuration against design document (if any)
- Compare non-prod and production configuration
- Review Service Panel audiences to search for invalid escalation of privileged access
- Verify that high-privilege Identity Panel accounts are secondary accounts, separate from regular user accounts
- Validate that data retention policies are implemented and appropriate
- Review license and implementation status of non-repudiation features
- Verify that API keys are rotated when identity administrators leave the company
- Validate authoritative data sources
- Check for retired panel services and panel service accounts
- Check for use of shared accounts
- Review resumes, professional credentials, and training history of users with privileged identity access
- Review or validate data minimization
Advanced Review Items
Pick and choose from these advanced items.
- Perform security checks of MIM Portal and MIM Sync services
- Review Azure security roles and directory settings
- Review usage of PIM/PAM (availability, scope, and rollout effectiveness)
- Review directory on-boarding and off-boarding completeness and effectiveness
- Review management and ownership processes for privileged accounts
- Review off-boarding of privileged accounts
- Review management and ownership processes for service accounts
- Review password policies, rollover, and vaulting of service accounts
- Review patching, maintenance, and monitoring of identity management servers
- Review management of account dormancy
- Review password policies, synchronization, rollover, reset options, initial credential delivery