1 Introduction
Managing thousands - or even millions - of identities, both on-premises and in the cloud, can be a daunting task for many large organizations. Since identity data is becoming increasingly important, modern enterprises are constantly seeking to strengthen their security and compliance strategy. At the same time, digital identities are becoming more challenging to manage as IT environments become more complex. Therefore, as enterprises embrace cloud adoption, access to digital services and the infrastructure where these services are housed must be as secure and seamless as possible.
Ensuring that only the right people have access to the right resources at the right time for the right reasons is the goal of Identity and Access Management (IAM) systems. Every enterprise, regardless of size or industry, needs to have an agile and modern IAM platform in place. IAM done right ensures that identities, their user accounts and passwords, and their access entitlements are well-managed across the heterogeneous and increasingly hybrid IT infrastructure of organizations.
Under the umbrella of IAM, we can differentiate between Identity Governance and Administration (IGA), and the broader definition of IAM which includes additional capabilities such as Directory Services, Privilege Management, Web Access Management, Identity Federation, and more. IGA, in fact, is a subset of IAM that deals with the governance and administration of user identities. It includes two core IAM elements: Identity Provisioning and Access Governance.
With Identity Provisioning, users and their high-level entitlements can be created and managed automatically across a wide range of systems and applications, while Access Governance adds the governance layer for monitoring and mitigating access-related risks, analyzing entitlements, improving reviews and recertification processes, and implementing and governing the controls for access management. As a result, the need to have a modern solution with strong Identity Provisioning and Access Governance capabilities is essential, especially for large and complex enterprises.
Unfortunately, IGA has its problems too. Simplifying vast amounts of identity data and making it easy for customers to visualize it in a seamless manner can be challenging. Constructing entitlements based on roles requires a structured approach, discipline, and often involves a lot of work. In addition, automating the provisioning of user accounts and recertifying entitlements should be done whenever possible in order to reduce manual intervention. Essentially, identity today needs autonomous, intelligent, and integrated approaches.
To combat these challenges, we are starting to see an uptake of solutions that use some form of AI (Artificial Intelligence) with Machine Learning (ML) for supporting IGA processes. One of the leading vendors and a pioneer in applying such innovative features to IGA is SailPoint, which have launched a series of modules that make use of these technologies for improving and managing identity data. The SailPoint Identity Security Cloud platform allows enterprises to define and ensure that the identities and access rights that the platform holds are managed securely and seamlessly.