IAM Risks during Organizational Change and Other Forms of Major Upheaval
Managing digital identities and computer and network access rights is difficult at the best of times. But today’s rapidly changing organizational structures and technology dependencies make for even greater challenges. In this chapter, we review the various stages in the identity and access management (IAM) lifecycle from the particular perspective of organizations undergoing substantial change from mergers and acquisitions, business expansions and contractions, as well as internal structural and technological changes. We also look at the impact on IAM of incidents originating from outside organizations, such as natural disasters (earthquakes, hurricanes, volcanic eruptions, etc.) and manmade catastrophes (terrorist bombings, major oil spills, etc.). We address the question of how one might prepare for and respond to such events by managing and controlling identification and authorization in fast-moving, difficult-to-control situations.