1 Introduction
Digital identities are at the core of Digital Transformation, Information Security and Privacy. Identity Management is essential for enterprises to ensure they can manage identities effectively and efficiently in a rapidly changing business, regulatory, and IT environment. Identity Management includes identifying, authenticating, and authorizing individuals or groups in an organization (B2E) to access applications, systems, or networks by associating user rights and restrictions with established identities. Partners (B2P), customers and consumers (B2C), and non-human entities such as services (software processes) and the internet-connected devices that make up the Internet of Things (IoT) also have identities. This gives rise to the notion of identity, rather than the corporate network, as the new perimeter, due to the increasingly distributed nature of working and collaborating in a highly connected world that is migrating to the cloud and becoming more mobile.
Identity Governance and Administration refers to the increasingly integrated Identity Lifecycle Management and Access Governance markets. IGA touches the IAM market's capabilities that broadly deal with end-to-end identity life-cycle management, access entitlements, workflow and policy management, role management, access certification, SOD risk analysis, reporting, and access intelligence. As IGA becomes an important security risk and management discipline directly impacting any organization's security posture, a lack of necessary IGA capabilities can leave organizations exposed to risks originating from inefficient administration of identities and access entitlements, poor role management, and lack of adequate auditing and reporting.
Increased adoption of cloud-based identity stores and directories such as Microsoft Azure Active Directory (AAD) has created additional pressure on IGA tools to support Out-of-the-Box (OOB) integrations with cloud services based on industry specifications such as SCIM. Many IGA vendors also support mobile devices and communication applications such as Slack to enhance the user experience, which has become an important differentiating criterion for organizations to evaluate an IGA product.
IGA solutions today provide analytical capabilities beyond reporting, and other approaches, such as deep machine learning for automated reviews, are becoming increasingly important. Identity analytics uses identity-related data to derive meaningful information from the enormous logging and auditing information generated by the systems to enhance the overall efficiency of IGA processes in an organization. Analysis of this identity and entitlement data can support capabilities like role management, access requests, and policy management. Other benefits of advanced analytics include recommendations for efficient use of roles, risk-based mitigation of access policy violations, automated access reviews, and even correlation of identity events across disparate systems to derive actionable intelligence.
The convergence of Privileged Access Management (PAM) capabilities with IGA, or the integration of IGA with PAM tools, is another trend that we see picking up aggressively in specific industry verticals, particularly the ones that are heavily regulated. Application Access Governance is also needed to help mitigate access risks and access policy violations in complex application environments. Data Access Governance (DAG) is required to protect sensitive and business-critical data, maintain data integrity, and provide security.
The adoption and use of IGA within organizations are increasing, and the capabilities that IGA solutions provide are continuing to evolve to meet the demands of today’s IT security. Organizations would do well to invest in an IGA solution that provides a solid set of IGA capabilities and continues to innovate to meet future changes.