So you had a earlier session talking about AI use cases and how it's relevant to this domain. So I'm gonna focus primarily on the Gen A side of AI and what we can apply in terms of the technology to IGA. So there is a lot of buzz on Gen ai. You'll get to see what it means.
You know, for us, I'll spend a little bit of time talking about the typical issues that we are dealing with on the IGA side. You just bear with me on that.
Just so, just so that you get some context around what we are dealing with and how some of those key issues can be addressed in a more effective way with Gen ai. Okay?
So we all have faced with it, dealt with it. There are a lot of moving parts, a lot of fragmented things. We deal with complex integrations, dealing with different kinds of systems and so on. So it continues to be a challenge for organizations irrespective of your size. So if you just dig deeper into what it means, we are dealing with complex terminologies coming from either the space itself or the vendor.
You have a lot of diverse standards, different security protocols, compliance requirements, different needs for customers and, and need for skilled people to do a lot of these integrations. So bottom line, you, it generates an issue where it's a steep curve for you to get to where you want to be, right? Then you're dealing with very specific needs of your enterprise because every enterprise is different. The size of the company, the vertical they are in, and the requirements that they have in terms of security compliance.
And then you're talking about branding, personalization, all that means that, you know, you have a lot of customizations. We deal with that as well on a regular basis. And then the, the siloed systems and the fact that, you know, people start with one area of IGA and how they want to get past that and they try to address those issues and it kind of becomes a fragmented approach and incremental implementation models. And also they're constrained by budget as well.
And all this results in sort of a, a, a non holistic view when people are looking at, you know, primarily focusing on compliance as an example, as opposed to strategy, right? Couple of days ago, many of you were probably part of the conversations around how architecture is important.
You know, how do you deal with, you know, longer term strategic things and how you put together some of those.
And it becomes important that you give careful consideration for that. And then as you're driving these things, you always are dealing with a lot of data issues, right?
You know, there is lack of proper data, there is poor data quality. And then you have the issues dealing with not having the right tools to measure how things are progressing. And even organizations tend to not have sort of a, you know, KPIs and OKRs in terms of their implementation.
So you need to really measure, you know, is this providing the value that, you know, we signed up for, whether it's productivity value or it's dealing with security related things or, you know, trying to meet the requirements of auditor, whatever those are, you know, you need to have, you know, some measurable pieces out there. So what have vendors done to address, you know, these, you know, pieces.
So we've seen over the years, people have made attempts to have battery user interface, you know, intuitive navigation, context sensitive help, better dashboards to go with it.
And they've also simplified, you know, the whole process of configuration, whether, you know, you're configuring how users should be managed or you know, how policies should be set up or workflow should be handled. You know, there's simplifying, you know, the whole experience itself. And then we see that there is outta the box capability. So whether it is your role templates or your work workflow templates or policy templates, anything that brings out some of those standardizations into your environment, you know, we have seen progress made on that.
And then there is overall increased automation too, right? You know, we are talking about not just broadening the scope of application integration, but also integration with other security systems and other systems that, you know, under the purview of the overall IT landscape, right? And then last but not least, we've seen better training models engagement where you have focused groups for training, you have persona based training and people are also providing lot of capabilities around, you know, training especially for, you know, persona based stuff.
So with all that said, you know, it just feels like,
Oops,
It just feels like, you know, the fundamentally the sense in the core of the problem has not been solved the way it should be solved. It feels like there is somewhat of an incremental, you know, approach to what we are doing.
You know, in in, in the, you know, in the industry. It, it, it is not giving you kind of a panacea for the various issues that, you know, you're dealing with. So what do we need here?
You know, it, it really is important to re-look at the problem and kind of rethink how it should be looked at. So fundamentally, three things come into play, right? One is you're really looking at, you know, the issue of skillset needed to onboard, deploy, maintain, and manage an IGA solution. You absolutely, you know, need SMEs. That's what you know, the current, you know, environment looks like.
So what do we do to eliminate that need, right? So the skill need, how do you bring down the that requirement? The second thing is I want to be able to express what I wanna do with the system.
And you don't have to be required to understand the vendor jargon, the user interface to go about doing something. So for example, you know, why should I be burdened with understanding and knowing that I should create a workflow to achieve this particular, you know, flow, right? I should not be required to do that. So I should have a model where I'm going to tell how I want to manage my identities and access and let that drive, you know, what needs to be done underneath. So kind of make it opaque for the user in terms of how they manage it.
Then the other issue is the user interface itself, right?
The user interface comes with its own constraints. It can provide you certain capabilities, it does not give you the ability to do everything you wanna do in, in a single place. So you have to navigate to multiple different places and even certain, some of the queries you want to answer is not being answered, you know, through the user interface. So what does that mean?
So what we are really looking at is, you know, if you see what's in here, this is the summary of a discovery call that the salesperson had, you know, with the prospect, right? So that's what this is. Imagine this is the communication that you can use to trigger and set up an IGA environment, right? It tells you a lot of things when you look at it, right? So why can't we bring down the engagement from complex needs where you have to bring in a subject matter expert, a sales agent, everybody into the conversation and figure out what the customer need.
Instead, you should be able to take something like this that's being representative of a customer environment and be able to drive the configuration and deployment activities. So hold that thought on in terms of how you know that's gonna get done and we will look at it, you know, later in, in the, in the presentation,
Okay, not moving,
Okay,
It's a bit slow there.
It's okay. Let's see.
Alright, so what is this natural language interaction that you know I'm talking about, right? First and foremost, what we are looking at is understanding the intent. What is the person trying to do in this environment? And be able to capture the, a sense of what this person is trying to do and then develop context around what the intent is around, because the context gives you additional information for you to provide a more well-rounded and well-informed response to what, you know, somebody is looking at.
And then the, the third, you know, key piece here is to make sure that, you know, we have insights, right? In certain cases you would want to not only use the context, but also give some input direction inferences that will help them make the next set of actions that they want to perform, you know, with regard to, you know, that particular interaction and ultimately collate all of this in a format that is in a human consumer form that's in a conversational form for them to be able to respond to that, you know, particular, you know, interaction that, you know, we look at that.
So architecturally the way this looks like is this. So imagine that all the various channels through which you can interact, you know, not just, you know, through a console like chat g pt, whether it's email, you're also looking at even rest APIs, rest a PS will not, you know, will stop talking about, you know, JSON structures. They will contain text messages, you know, from one system to another system. And these messages will be handled through an AI engine and potentially the engine can comprise of multiple agents.
So you can have an agent for handling provision, you can have an agent for handling an access request, another agent for managing access certification and so on. So each of these agents are made aware of a certain set of constructs and nuances that you know, the, what the user is trying to do and they would ultimately respond to the user. Or if it means it's something that you need to perform in terms of an operation externally, it'll allow you to perform those, you know, operations as well. So model wise, you know, this is how you know it's going to look like. Okay?
So
What I'm gonna do next is do a, a quick demonstration here
Is,
Is that visible? Hopefully it is. Okay. So this is a simple, you know, environment.
We have, you know, five applications, you know, configured, we call it them assets. So we have a little, I can't hear that allows you to go and interact with this, you know, environment in terms of what you wanna do. So what you're seeing here is some set of capabilities that, you know, are common set of things organized in a certain way.
So we can, you know, start with, you know, asking, you know, something like,
So it it, it tells you what the basic configuration is when it was started and you can, you know, tells you the number of applications that accounts you, so you can configure whatever you want to return out of this. And then there are certain suggestions that are made available with some of the responses, right? The suggestions tell you, you know, based on the context of frequency usage, you can do additional things. So the suggestions you can quickly, you know, try to understand what they are.
So you can click and it'll tell you, this is the identity schema I have configured in this environment, right? There are other things you could do, you know, in understanding. So different forms of responses, textual responses, tabular responsible responses, graphical responses, all are, you know, managed, you know, through this environment. And you can do something more interesting here.
So
It's showing you multiple people, you know, with, with the name Aaron, there is no match for Clark with an E, but it should match for, you know, Aaron.
So you can discover your accounts, users, applications, whatever, access information, whatever it is through this interaction and you can get details on them. So if you're finding about to find out the status of a request or what's happening with a certain provisioning, you'll be able to do through this interface itself. You don't have to navigate anywhere else, right?
Then let's look at the example
That
I had, you know, presented earlier in the deck. So let's see what the system will do if present something like this.
So this is the, the, the topology of the configuration that you saw in the slide. Let's see what, you know, system, you know, comes up with once you present this information.
So what it did is it used a underlying language model to pass your configuration and it was able to actually map it into certain categories and pieces of information that are relevant to your deployment.
So it recognized bunch of applications, it recognized your access policies and it identified your reviews, configuration, what you want, and, and also it identified bunch of things around your MFA, how it is getting done and even, you know, how you want to configure your data synchronization. So essentially what it did for you is it took a deployment configuration and provided you a set of information that you can take it forward. So as we all know, sometimes, you know, you'll get certain configurations that it might not pick it up in the right manner.
So you have the option to edit those make changes. And once that flow is complete, then you can say, you know, press the button and say go, you know, proceed with the deployment itself.
So while this is covering the entire configuration in the environment, imagine you can take very specific areas, you know, your JML scenarios and then set up your JML, you know, policies there. If whether it's your approval scenarios, you can set it up with the, through this model. So you don't have to necessarily go through the user interface, you know, to do, you know, some of these things.
So there's a bunch of other things, you know, we can do, you know, with this capability. So roughly this is the, you know, demonstration, you know, I wanted to do, if you can switch over to the slides please.
So, okay, great. So there are obviously a lot of benefits here.
You know, there is less dependency on user interface, understanding of that significantly enhancing customer experience and how you interact with it on a context basis. You get better insights of what's going on and what you're trying to do. It goes without saying it's brings out significant productivity for the enterprise and, you know, the cost of deployments will start dropping down because line of business can start doing some of these things, right? You don't necessarily have to employ SMEs to do a lot of these things with, with an interactive model, right?
Okay, so how do you go from here? You know, the recommendation is, you know, you start with some basic queries, get a feel for the environment, how the system behaves, how it's responding. More like a read kind of a, a more engagement model and then add some basic operations to it, you know, to get, you know, things going, you know, in terms of interaction. How you wanna do and then examine the training is, is the system learning, the user behavior, your environment, data, everything? Is it providing the right responses? Where are you seeing, you know, the pitfalls and so on.
And then integrate more personas. You start with one or two personas, bring everybody the auditor, application owner, supervisor, everybody to the, and then broaden the scope. You start with couple of applications and you broaden the scope as you feel comfortable that the system is providing you the right outcomes.
Okay, that's it for the, you know, presentation today. Happy to answer any questions that people have.
Well, first of all, thank you very much.
Again, if somebody has a question, please raise your hand or nutrition. Can you check the, we don't have any question online yet. Okay. So if I may ask them one of my own then. So obviously for the actual kind of people involved in this planning and designing the strategies, this is a huge improvement, right? Because you, they don't need to learn the language, don't need to deal with complicated UIs. So they would probably love to have a one click deployment.
But what about the more technical people, the, the, the operational guys, the security people. Are they not scared of this simplicity? Do you sense any opposition in some of your customers teams perhaps?
Good question. I think the, the thought process here is that there are a lot of capabilities that can be done through this model, right?
And it, it can, it provides the outcomes that people there are, there'll be certain scenarios where, you know, this is not just going to get you where you need to, right? And those certainly will be handled, you know, through whatever other mechanisms. But in terms of resistance, I think the, it, it is going to be a function of people trying to get used to this model because it's a new paradigm, complete paradigm shift, right?
Everybody's used to scripting, you know, the more powerful users they use scripting and or, you know, they use user interface, they'll probably go sift through Splunk logs, you know, all kinds of things that they will do today. You know, we are saying, you know, you can reduce that dependency and use this paradigm to support, you know, those, you know, kinds of things.
Can you still mix those approaches or do you have to make the leap of faith and adopt AI in one step?
No, I, I think it, it's, there are, for example, you know, the things that we are talking about, you know, when you start with, you know, is querying and reporting. So it's going against the data. It's not doing a whole bunch of interpretation necessarily of what you're trying to, let's say if you're asking for, Hey, give me the provisioning activities in the last 48 hours or this week, or tell me what were John doe's activities, you know, this month or what were the access changes that happened on this group in ad.
So these, there are, these are very definitive queries that can be answered very easily here, right? And it's not subject to any interpretation per se, right?
Or, you know, it's not, the responses won't be ambiguous, you know, in those. So I think you start with that and it builds some stickiness into this so people start feeling comfortable. Then you can do simple things, right? You can make simple access request if access requests are already being done by people, right? People are using Slack and teams and interacting with an IG solution today to perform that. Imagine the saying, this console will help you do similar things. So that path, you know, it'll take some time.
You know, this is certainly a paradigm shift in a mind shift and it'll, it'll take some time for people to adapt it. Yeah.
Okay. Great.
Well, if you don't have any further questions, well thank you very much Sanjay. Thank you. That was a really thoughtful presentation.
