æšä»ãã¢ã€ãã³ãã£ãã£ïŒIDïŒ/ç¹æš©ã¢ã¯ã»ã¹ã»ã»ãã¥ãªãã£ã®èª²é¡ã¯æ³šç®ãéããŠããããã®èæ¯ã«ã¯ãæ°ããçæŽ»æ§åŒã®äžç°ãšããŠã瀟å€ç°å¢ãã瀟å ãããã¯ãŒã¯ãã¯ã©ãŠããžã¢ã¯ã»ã¹ããæ©äŒãå¢ããããšããããäŸãã°ãåŸæ¥ã¯ç¹æš©ã¢ã«ãŠã³ããå©çšããŠãµãŒãã®ã¡ã³ããã³ã¹ãè¡ãéã瀟å ãããã¯ãŒã¯äžã®ãšã³ããã€ã³ããã察象ã®ãµãŒãã«ã¢ã¯ã»ã¹ããŠãããããªã¢ãŒãã¯ãŒã¯ãã¯ã©ãŠãã®å©çšã«ãã瀟å ãããã¯ãŒã¯å€ããã¢ã¯ã»ã¹ããå¿ èŠãåºãŠããã
ãã®ãããªç€Ÿå€ã«ãããšã³ããã€ã³ãã¯ããµã€ããŒæ»æè ã«ãšã£ãŠIDããã¹ã¯ãŒããçªåããæ Œå¥œã®æ»æå¯Ÿè±¡ã«ãªãããªããªãããµãŒãã«ã¢ã¯ã»ã¹ãããšã³ããã€ã³ãã«ã¯éå»ã«ã¢ã¯ã»ã¹ããç¹æš©ã¢ã«ãŠã³ãã®æ å ±ã®çè·¡ãæ®ã£ãŠããããã§ããããµã€ããŒæ»æè ã¯ãã®çè·¡ãæªçšããŠç€Ÿå ãããã¯ãŒã¯ãžæ°Žå¹³ç§»åããŠäžæ£ã¢ã¯ã»ã¹ãè¡ããæçµçã«äŒæ¥ã®éèŠãªè³ç£ã«ãã©ãçãããšããã
Identity Defined Security AllianceïŒIDSAïŒã«ãããšãäŒæ¥ã®94ïŒ ãIDé¢é£ã®äžæ£ã¢ã¯ã»ã¹ãéå»ã«åããçµéšããããšãããããããäºæ ã«å¯Ÿå¿ãã¹ããäŒæ¥ã¯ã»ãã¥ãªãã£æŠç¥ãšããŠç¹æš©ã¢ã¯ã»ã¹ç®¡çã«æ³šç®ããã»ãã·ã§ã³åé¢ãç¹æš©ã¢ã«ãŠã³ãã®äžæ£å©çšãããéã®ãªã¢ã«ã¿ã€ã æ€ç¥ã«ãããªã¹ã¯ãæå°éã«æããåãçµã¿ãé²ããŠããã
ãªã³ãã¬ãã¹åãã¯ã©ãŠãåãªã©æ°å€ãã®ç¹æš©ã¢ã¯ã»ã¹ç®¡çãœãªã¥ãŒã·ã§ã³ãããçµç¹ã®ç¹åŸŽã«èŠåã£ããœãªã¥ãŒã·ã§ã³ãéžã¶ã«ã¯ã次ã®6ã€ã®ç¹ãèæ ®ããå¿ èŠãããã
ïŒ1ïŒãã€ããªããã»ã€ã³ãã©ã¹ãã©ã¯ãã£ã«å¯Ÿå¿å¯èœã
é©åãªç¹æš©ã¢ã¯ã»ã¹ç®¡çãœãªã¥ãŒã·ã§ã³ã¯ãäŒæ¥ãçµç¹ã®ã€ã³ãã©ã¹ãã©ã¯ãã£ç°å¢ã«å¯Ÿå¿ããŠããå¿ èŠãããããªã³ãã¬ãã¹ããã¯ã©ãŠããããã³ãã®åæ¹ãããªããã€ããªãããªã©ãã€ã³ãã©ã¹ãã©ã¯ãã£ç°å¢ã¯ããŸããŸã ããããã®ç°å¢äžã§ããã¹ãŠã®IDãã€ã³ãã©ã¹ãã©ã¯ãã£ãã¢ããªã±ãŒã·ã§ã³ã«ããã£ãŠæ¥åå¹çãäœäžãããã«ã匷åºãªé²åŸ¡æ å¢ãå®çŸã§ããããæ¬¡ã®é ç®ã«ã€ããŠç¢ºèªããå¿ èŠãããã
- ãŠãŒã¶ãŒãšãªã³ãã¬ãã¹ããŸãã¯ããã€ããªããããã«ãã¯ã©ãŠããSaaSã®ã¯ãŒã¯ããŒãã®ãªãœãŒã¹ãå¹ççãã€é«ãè²»çšå¯Ÿå¹æã§ã·ãŒã ã¬ã¹ã«æ¥ç¶ã§ããã
- ä¿¡é Œã§ããããŒã«ããµãŒãã¹ã§ãããã³ã³ãã©ã€ã¢ã³ã¹ããã©ã€ãã·ãŒã«å¯Ÿãã顧客ã®èŠæã«å¯Ÿå¿ã§ãããæ¢åã¢ããªã±ãŒã·ã§ã³ã ãã§ãªããæ°èŠã®ã€ã³ãã©ã¹ãã©ã¯ãã£ãšã®é£æºãå¯èœã§ãããITæè³ãæå€§éã«æŽ»çšã§ããã
ïŒ2ïŒããžã¿ã«ãã©ã³ã¹ãã©ãŒã¡ãŒã·ã§ã³ïŒDXïŒã®ç®æšãéæã§ããã
äŒæ¥ã¯DevOpsãæ¡çšãããœãããŠã§ã¢éçºããããã£ãã¯ããã»ã¹ãªãŒãã¡ãŒã·ã§ã³ïŒRPAïŒãå°å ¥ããããšã§ãæ¥åã®èªååãæšãé²ããŠãããç¹æš©ã¢ã¯ã»ã¹ç®¡çãœãªã¥ãŒã·ã§ã³ã«ãããèªååæ©èœãã¹ã¯ãªãããã¯ãŒã¯ãããŒã«å¿ããã¢ããªã±ãŒã·ã§ã³ã»ããã°ã©ã ã»ã€ã³ã¿ãŒãã§ã€ã¹ïŒAPIïŒãšé£æºããããšã§ããµã€ããŒã»ãã¥ãªãã£ãé«ããªãããDXã®æšé²ããµããŒãã§ããããã®éã以äžã®ç¹ã確èªããããšãéèŠã§ããã
- DevSecOpsãã¯ã©ãŠããåŸæ¥åã®ã¢ããªã±ãŒã·ã§ã³ã察象ã«ãå€ãã®çµã¿èŸŒã¿åã®èªèšŒæ å ±ãäžè²«ããŠç®¡çã§ããã
- ãœãããŠã§ã¢ã»ãããããšRPAã®ç®¡çè ã䜿çšããç¹æš©ã¢ã«ãŠã³ãã®èªèšŒæ å ±ãå®å šã«ç®¡çã§ããã
- ã¢ããªã±ãŒã·ã§ã³ã»ã©ã€ããµã€ã¯ã«ç®¡çã®èªååã«å¯Ÿå¿ããããšã§ãçç£æ§ãåäžãããšåæã«ITã®é å»¶ãæå°åã§ããã
ïŒ3ïŒãŠãŒã¶ãŒãšã¯ã¹ããªãšã³ã¹ãéèŠããŠããã
äŒæ¥ãçµç¹ã«ãããŠã»ãã¥ãªãã£ã確ä¿ããããã«äžå¯æ¬ ãšãªãã®ã¯ããŠãŒã¶ãŒãšã¯ã¹ããªãšã³ã¹ã§ãããç¹æš©ã¢ã¯ã»ã¹ã®ç®¡çã»ä¿è·ã«éããäœæ¥ã®è€éåãè² æ ã®å¢å ãæããããªããã»ã¹ã¯ãçç£æ§ãäœäžããããããªããªã¹ã¯ããããããŠããŸãããã®ãããå°å ¥åŸã®éçšã®ãããããéèŠãããœãªã¥ãŒã·ã§ã³ã«é¢ãã以äžã«ã€ããŠç¢ºèªãã¹ãã§ããã
- çŽæçã§ã¹ã ãŒãºãªã¢ã¯ã»ã¹ãšåŒ·åºãªIDã»ã»ãã¥ãªãã£ã»ã³ã³ãããŒã«ã®ãã©ã³ã¹ãåããªããããé©åãªããã»ã¹ãã容æã«å®è¡ã§ããã
- ãªã¢ãŒãã¢ã¯ã»ã¹ã®ç£èŠãšã»ãã¥ãªãã£ã®ç¢ºä¿ã«ãããæå°æš©éã®èŠä»¶ãé©çšãã€ã€ã广ãæå€§éã«çºæ®ã§ããã
- ã»ã«ããµãŒãã¹æ©èœãšèªååã¯ãŒã¯ãããŒããµããŒãããããšã§ããŠãŒã¶ãŒã®å¹çæ§ãšçç£æ§ãç¶æã§ããã
- è²»çšå¯Ÿå¹æã«åªããæè»ãªSaaSã¢ãã«ã«ããå°å ¥ãå¯èœã§ã瀟å ã®éçšæã®è² æ ãã³ã¹ããæå°éã«æããããã
ïŒ4ïŒä»åŸäºæž¬ããã課é¡ã«å¯Ÿå¿ã§ããã
ITã®é²æ©ã¯ç€ŸäŒå šäœããã³äŒæ¥ã®åšãæ¹ãå€ããŠããããã®ããæã广çãªãœãªã¥ãŒã·ã§ã³ãšã¯ãäŒæ¥ã®ã»ãã¥ãªãã£ããŒãºãšãæªæ¥ã®ããžã¿ã«ããžãã¹ã®æ©äŒã®äž¡æ¹ã«å¯Ÿå¿ãç¶ãããã補åã§ããããããã£ãŠãã»ãã¥ãªãã£äŒæ¥ãšããŠITæè¡ã®é²æ©ãšãšãã«çºå±ããŠããåãããžãã¹ãã£ã³ã¹ãèŠæ¥µããã¹ãã«ãªã©ãåªããäŒæ¥èœåãåããŠãããã³ããŒãæãŸããã
- æŠç¥çè²·åã«é¢ããããžãã¹ã®æŽå¯åããæ°ããªè åšããŠãŒã¹ã±ãŒã¹ã«ã察å¿å¯èœãªç ç©¶éçºã®ãã€ãã©ã€ã³ãããã
- ææ°ã®æ»æææ³ã®èª¿æ»ãå°éãšãããæ¥çãããã®è åšç ç©¶ããŒã ãæ¡çšããããšã§ãã»ãã¥ãªãã£ã»ã³ãã¥ããã£ã®çºå±ã«å¯äžã§ããã
ïŒ5ïŒé²åããé«åºŠãªæ»æãé²åŸ¡ã§ããã
ãµã€ããŒæ»æææ³ã¯æ¥ã é²åããŠãããããã»ãã¥ãªãã£ããªã·ãŒã次ã ã«æ¹å®ãããŠãããç±³åœåœå®¶å®å šä¿éå±ïŒNSAïŒã¯ãæ»æè ãæ¢ã«èªç€Ÿã®ç°å¢ã«æœäŒããŠãããšæ³å®ããäžã§ããªãœãŒã¹ã®éçšãšé²åŸ¡ãæèçã«è¡ãããšãæšå¥šããŠããããã®ãäžæ£ã¢ã¯ã»ã¹æ³å®ãã¢ãã«ã«ãããŠãé©åãªãœãªã¥ãŒã·ã§ã³ã¯ãããã¹ãŠã®ãã©ã³ã¶ã¯ã·ã§ã³ã¯èªèšŒããããŸã§ä¿¡é Œã§ããªããã®ããšæ³å®ããããšãæ±ããããã
- æ¥ã å·§åŠåããŠãããµã€ããŒæ»æã«äŒŽãã»ãã¥ãªãã£ããªã·ãŒã®å€åã«å¯Ÿå¿ããªãããæå°ç¹æš©ãä»äžãã人ã«ã²ãã¥ãIDãšäººã«ã²ãã¥ããªããã·ã³ã®ãã¹ãŠã®IDãå æ¬çã«ä¿è·ã§ããã
- ãã¹ãŠã®ã¢ã¯ãã£ããã£ãå¯Ÿè±¡ã«æ¹ãã鲿¢å¯Ÿå¿ã®ç£æ»èšŒè·¡ãæ¡çšããé©å¿åã®èªèšŒã»æ¿èªæ©èœã掻çšããããŒããã©ã¹ãã»ã¢ãããŒããå®çŸã§ããã
- é²åŸ¡åãé«ããããã«ç¶ç¶çã«æ¹åãããŠããããã°ã©ã ã«å¿ããªãããããªã¹ã¯ã軜æžããããã«ã³ã¹ããåæžã§ããã
ïŒ6ïŒå¹ åºããšã³ã·ã¹ãã ããµããŒãããŠããã
IDãšã¯ãæ å ±æè¡ã€ã³ãã©ã¹ãã©ã¯ãã£ã®ããããåŽé¢ãçµã³ã€ããŠãããããé©åãªãœãªã¥ãŒã·ã§ã³ã«ã¯ãå¹ åºãã¢ããªã±ãŒã·ã§ã³ããµãŒãã¹ããããã€ããŒãšã®çžäºéçšèœåãæ±ãããããããã«ãäžé·æçãªèŠç¹ããèãããšçŸåšäœ¿çšããŠããæè¡ãæ°å幎åŸã䜿ãããšã¯éããªãããããã®ãªã¹ã¯ãæå°éã«æããå¿ èŠãããã
- æ¢åã®ITè³ç£ãšãµãŒãã¹ã®äŸ¡å€ãç¶æããããä»ç€Ÿè£œã®ãµãŒãã¹ãšã飿ºã§ããã
- èªç€Ÿéçºã®ã¢ããªã±ãŒã·ã§ã³ããå€éšãµãŒãã¹ãŸã§ãæ¡åŒµå¯èœãªãã©ãããã©ãŒã ãéããŠé£æºã§ããã
- SAMLãRESTãOAUTHãªã©ã®æ¥çèŠæ Œãšãããã³ã«ãéãã容æã«é£æºã§ããã
ããŒã¿ã¯ãããžãã¹ã®æãéèŠãªè³ç£ã®äžã€ã ãã瀟å å€ããªã³ã©ã€ã³äžã®ã·ã¹ãã å ã§è€éã«åæ£ããŠããå¯èœæ§ãé«ããé©åãªç¹æš©ã¢ã¯ã»ã¹ç®¡çãœãªã¥ãŒã·ã§ã³ã«æ±ããããã®ã¯ãæ å ±ã»ãã¥ãªãã£3èŠçŽ ã§ããããŒã¿ã®ãæ©å¯æ§ããå®å šæ§ããå¯çšæ§ããäžè²«ããŠIDããŒã¹ã®è åšããä¿è·ããæ©èœã§ããã
ç¹æš©ã¢ã¯ã»ã¹ç®¡çã®éèŠæ§ãèãããšãããŒã«èªäœãšåæ§ã«å³æ Œã«è©äŸ¡ãã¹ãèŠçŽ ãšããŠãæè¡ãã³ããŒã®çµéšãéèŠã§ãããé©åãªæè¡ããŒãããŒã«æ±ããããèŠçŽ ãšããŠã¯ãå å®ãªè£œåã¢ãããŒãã確ããªå®è¡èœåãšå®çžŸãæè»ãªå°å ¥ã¢ãã«ãåè¶ãã顧客ãµãŒãã¹ãäž»èŠãªã¢ããªã¹ããæ¥çå°éå®¶ããã®é«ãè©äŸ¡ãå®å®ããçµå¶ç¶æ³ãæããããã
äžèšã®ç¢ºèªäºé ã¯ããã³ããŒã®è©äŸ¡ããã»ã¹ã«å ããŠãç¹æš©ã¢ã¯ã»ã¹ã®ç®¡çããã©ã³ã¶ã¯ã·ã§ã³ã®ç£èŠããµã€ããŒæ»æãªã¹ã¯è»œæžã«é¢ããæŠç¥ã®æ§ç¯æã«ãåç §ãã¹ãå 容ã§ããã
è©äŸ¡æã®æ€èšäºé ã«é¢ãã詳现ïŒThe Buyer's Guide to Securing Privileged AccessïŒè±èªïŒ
èè ãããã£ãŒã«
现ç°ãåïŒã»ãã ãã²ããïŒ
ãµã€ããŒã¢ãŒã¯ ãœãªã¥ãŒã·ã§ã³ãºã»ãšã³ãžãã¢ãªã³ã°éš éšé·å ¥ç€Ÿä»¥æ¥ãããªã»ãŒã«ã¹éšéãäžå¿ã«æè¡éšéå šäœãçµ±æ¬ã20幎以äžã«ããã¶çµéšãçããããœãªã¥ãŒã·ã§ã³ã®ç«æ¡ããå®è£ ãŸã§å¹ åºãåéã§æŽ»èºããŠããããµã€ããŒã¢ãŒã¯å ¥ç€Ÿåã¯ServiceNowãDell EMCãªã©ã§ããªã»ãŒã«ã¹ãšããŠåŸäºããSaaSãIaaSããã€ããªããã¯ã©ãŠããããŒãããŒãšã³ã·ã¹ãã ã®ç«ã¡äžããéããŠäºæ¥æé·ã«å°œåããã
