Cybercrime , Fraud Management & Cybercrime , Governance & Risk Management

Making the Case for Centralized IAM Management Control

Booking.com Head of IAM on Benefits of Centralized Access Management
Manuel Garat, head of IAM, Booking.com

The problem with decentralized access management, says Manuel Garat, head of IAM at digital travel company Booking.com, is that whilst you might know who or what needs access to your network, applications and data, you "don't always know who shouldn't have access."

See Also: The State of Asset Security: Uncovering Alarming Gaps & Unexpected Exposures

Garat recommends a centralized approach to access management. "It's very, very important to have centralized management, because it allows you to centrally enforce segregation of duties and strategical restrictions," he says. This is particularly useful for smooth, secure replatforming and M&A.

Implementation of centralized access management, he says, requires an agile approach and understanding of the technical landscape. "Your consumers are not going to be homogeneous. They're definitely going to be different, all over the place. So it needs to be very flexible in terms of integrations."

In a video interview with Information Security Media Group, Garat discusses:

  • The impact of cloud-based services and mobile devices on identity and privilege at Booking.com;
  • Why he is an advocate of centralized access management and how to overcome implementation challenges;
  • Misconceptions around passwordless and how we can strengthen authentication methods.

Garat is the IAM lead at digital travel company Booking.com. In this role, he brings together his three passions: software development, security, and agile methodologies. His background is in engineering and he is a certified information system auditor and certified professional scrum product owner.


About the Author

Anna Delaney

Anna Delaney

Director, Productions, ISMG

An experienced broadcast journalist, Delaney conducts interviews with senior cybersecurity leaders around the world. Previously, she was editor-in-chief of the website for The European Information Security Summit, or TEISS. Earlier, she worked at Levant TV and Resonance FM and served as a researcher at the BBC and ITV in their documentary and factual TV departments.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing devicesecurity.io, you agree to our use of cookies.