By Rod Simmons, vice president of product strategy, Omada, shortlisted for Best Enterpise-Level SaaS Product category at 2022 SaaS Awards
Autonomous vehicles, artificial intelligence (AI), and a networked metaverse come to mind when we consider what the future holds. The dystopian settings of films like The Matrix or Blade Runner, where robots are displacing humans, serve up AI as a bogeyman. However, compared to what we see in the movies and in the catchphrases that crowd today’s headlines, the future appears to be a bit more peaceful and more substantial.
Identity Governance & Administration (IGA) is one such sector that’s being radically impacted by new technology in a pivotal way, even though it’s not as glamorous as cyborgs. The goal of IGA is to automate business activities that touch all applications and systems – at scale and with repeatability. IGA gives insight across all applications and IT systems to regulate entitlements and access across the complex landscape – and it’s on the cusp of significant change.
As businesses undergo digital transformation, they likely have a variety of resources, whether hosted on-site or in the cloud, that must all be specially provisioned to a growing number of digital identities that need access from all over the world. Automating repetitive, manual operations is sometimes necessary to manage this increased complexity.
In other situations, AI should be used to supplement and support human decision-making. This is the core of intelligent IGA, which is scalable, straightforward and agile. For this next stage of IGA, we see four pillars as essential:
- “Everywhere” identity governance
- An enhanced security ecosystem
- Universal connectivity
- Assisted decision-making
Identity governance everywhere you look
Identity governance must be made more accessible to everyone who needs access, wherever they need it, as associated identities (workers, third-party contractors, interns, etc.) continue to multiply because of the work-from-anywhere trend.
In the context of intelligent IGA, “accessible” refers to improving the productivity and efficiency of administrative duties for business users and administrators, including workflows and access requests. Modernizing the user interface and making it simple to use and interact with is the first step.
It also entails expanding IGA functionality for corporate users as widely as possible. IGA should not obstruct users’ ability to work however or wherever they choose, and it should integrate seamlessly with their preferred user interfaces.
As a result, IGA must be expanded to include IT service management (ITSM), communication and collaboration tools, as well as offering as many mobile and tablet-adaptive applications as is practical. These integrations can be carried out using APIs, which provide smooth communication between programs with low latency and tight security.
Enhancing the security ecosystem
Venture capital investments in cybersecurity startups reached a record-breaking $21.8 billion in 2021, and a number of new tools introduced cutting-edge technology to the market. While it’s fantastic to assess new tools that claim to solve old problems in novel ways, security, identity access management (IAM) and IT teams may become overwhelmed by all of it. And by using the advantages of other best-in-class solutions, intelligent IGA may help to be the glue for an enhanced security ecosystem – rather than having one solution that runs a mile wide and an inch deep, which can quickly lead to significant security problems.
Teams create an identity-centric cybersecurity methodology that increases visibility of risk and compliance by combining information from the security landscape through bi-directional information exchanges.
These exchanges happen by integrating IGA with leading Access Management, Cloud Infrastructure Entitlements Management (CIEM), Security Information and Event Management (SIEM), Data Access Governance (DAG) and Privileged Access Management (PAM) solutions. This frees up enterprises from having to piece together solutions in a way that can lead to cumbersome workflows; instead, they can use best-in-class solutions for mission-critical activities.
Making connectivity universal
In the past 24 months, enterprises added an average of 65 new business-critical apps to their stacks, and almost 70% of those were delivered as a service, according to a recent ESG study. Customers will always need the ability to swiftly integrate connectivity to new apps for provisioning and deprovisioning access as they are introduced to the business.
We’ve seen the drawbacks of a code-heavy approach, such as drawn-out deployments and expensive coding errors that are challenging to manage, because IGA solutions have traditionally required proprietary code to connect to applications. We anticipate this transitioning to a standards-based methodology, similar to REST and SOAP, that enables businesses to configure connectivity without writing custom code. Additionally, the potential to democratize connectivity will only make this process simpler and better by enabling connections between businesses in related industries and the sharing of best practices for deploying connectivity packages.
The basis of intelligent IGA lies in the capacity to use automation and intelligence to enhance human decision-making, as well as to automate – where practical – key IGA operations including access reviews, managing the identity lifecycle and certification campaigns.
However, without trust, automation and decision augmentation are not feasible. To be able to relay information to auditors and explain how they came to a particular decision or why an algorithm was fed in a particular way, humans must have confidence in the technology that provides them with information, which is derived from confidence in the quality of the underlying data.
When used to facilitate automatic approvals for low-risk requests with an action-enabled audit trail, such as automating certifications and access approvals for specific identity types, intelligent IGA shines. After that, you may make suggestions to support IAM teams at decision points by using the various identity data and analytics, such as regularly recommending modifications that can be made to both new and current roles and policies.
Next, consider ways to automate these kinds of more difficult choices, as well as instantaneous, just-in-time access assignment in the target systems following approvals and real-time access right revisions as the context or circumstances change.
The complete intelligent IGA package
The four components of intelligent IGA discussed above serve the present and future requirements of businesses in their never-ending drive to manage and empower all of their digital identities.
Intelligent IGA should also have a quick time to value so that there is no waiting around for a protracted deployment that consumes human effort, time and money. It should also be a security control that does not impede productivity for business users and even enhances it, and it should incorporate intelligence at every step to enable wiser decisions that comply with regulations, improve security and unlock efficiency.