Access Management , Biometrics , COVID-19

Building an IAM Strategy for the 'New Normal'

Panel of Experts Offers Insights on Strategies During COVID-19 Crisis
L-R: Anand Pande, CISO, GSTN; Brijesh Datta, EVP & CISO, Reliance Jio; Charanjit Singh Sodhi, ED & Head-IAM, Nomura

The identity and access management strategy for the remote workforce should ensure contextual authentication to establish the credentials of the users, apply risk-based authentication for measuring user risk profiles and establish a multifactor authentication mechanism, a panel of experts says.

See Also: Rapid Digitization and Risk: A Roundtable Preview

"Most mature organizations are taking the risk-based authentication approach as part of the IAM strategy that will help understand the risk profile of the user in all its entirety, including identifying the location, devices, and access points and remove as much friction as possible,” Brijesh Datta, executive vice president and CISO at Reliance Jio, a telecommunications organization, says in the video panel discussion with Information Security Media Group.

Charanjit Singh Sodhi, executive director and head of IAM at Nomura Wholesale, a financial services organization, notes: "Establishing a contextual authentication process is very critical in the IAM strategy for the remote workforce which needs to be expanded to ensure basic security hygiene.”

Anand Pande, CISO at Goods and Services Tax Network, which provides IT infrastructure and services to the central and state government and taxpayers, adds: "Organizations should revisit their IAM policies for the current environment, which is tightly integrated with the PAM strategy, to balance the business need and security, along with a multifactor authentication mechanism to establish secure communication between infrastructure team and clients and enable the right access to the users."

In this video panel discussion, the three experts address:

  • How to apply a single sign-on strategy for better user access control;
  • The importance of privacy to IAM;
  • Improving identity governance and enhancing security posture with IAM.

As the executive vice president and CISO at Reliance Jio, Datta manages security for all the company's vertical markets. Datta has more than 25 years of experience in telecommunications, IT, and information security. He was a former army officer who was instrumental in defining cybersecurity practices for the Indian Army in the late 1990s.

Sodhi served with distinction as an officer in the Indian Navy, where he was awarded the Chief of Naval Staff Gold Medal and the Sword of Honor. After that, he has worked at SecureSynergy, Fidelity, Airtel, and JPMorgan Chase. Currently, he is the executive director and the head of identity and access management at Nomura Wholesale.

Pande is the CISO at GSTN. He has more than 18 years of experience in InfoSec, IT governance, risk management, and compliance. He has worked in several industrial sectors, including banking, financial services, and Insurance, Fast Moving Consumer Goods, IT/ITES, and telecommunication. His areas of expertise include designing, implementation, and management of information security, IT Infrastructure and IT security.

About the Author

Geetha Nandikotkur

Geetha Nandikotkur

Managing Editor & Conference Chair, Asia and Middle East, ISMG

Nandikotkur is an award-winning journalist with over 20 years of experience in newspapers, audiovisual media, magazines and research. She has an understanding of technology and business journalism and has moderated several roundtables and conferences, in addition to leading mentoring programs for the IT community. Prior to joining ISMG, Nandikotkur worked for 9.9 Media as a group editor for CIO & Leader, IT Next and CSO Forum.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.