With ever more enterprise data and functions moving from on-premises data centres to the cloud, the corporate firewall is no longer an effective demarcation of company-internal assets from the rest of the world. Identity has rapidly become the next security perimeter – the passport which systems inspect to grant or deny access to information assets. But such an approach demands robust processes for managing identities throughout their lifecycle.
This presentation outlines how Orica evolved from largely manual processes without much visibility, to fully-automated identity management, with provisioning and de-provisioning of job-based authorisations in both SAP and non-SAP systems, how this changed the way we look at security, and what challenges remain.