Today’s challenges in Identity and Access Governance
IAG (Identity and Access Governance) is a top priority on every IT managers list these days. IAG is crucial to enable new agile business models by allowing fast and controlled access of all types of users to all types of IT resources and services. Without an IAG in place it is almost impossible to achieve regulatory compliance or to ensure IT governance.
The IAG industry is evolving very fast and strategies and best practices formulated 5 years ago might not be valid anymore.
Challenges of planning an Identity and Access Governance system:
Flexible work forces and mobile devices making it difficult to ensure security. For example, logging in from different devices might be correct but not at the same time from different locations. In uncertain circumstances an IAG system might consider a password is not enough and ask for a second authentication factor.
An IAG system must take the context of an authentication into consideration by imbedding an identity analytic solution or a SIEM systemA
Constantly changing compliance requirements are often difficult to implement even with an IAG System.
Design the IAG System not only for current needs but instead implement it from the beginning as mandatory enterprise-wide identity broker with a flexible API.
IAG systems have always been considered a costly necessity. Now IAG systems are an important business enabler. Companies will miss business opportunities if their IAG solution takes too long to deploy, adapt, or respond to user events.
IT Manager should also consider speed, ease of use and scalability additional to implementation and cost of deployment.
The industry focus is shifting from on premise solution to cloud services. The workforce consists not any longer solely on employees but also on partners, suppliers, customers, services and devices signing in from anywhere in exponentially growing numbers.
Every IAG system should be designed to be instantly scalable in terms of technology, services and licensing.
Perimeter-based security is not sufficient anymore. The corporate workforce must be able to work from anywhere.
The security model should not only regulate data storeed on company premises, but also by SaaS providers or cloud applications.
A large group of IAM implementations are based on a monolithic architecture. Despite the product’s ability to handle service requests too many provisioning tasks are still done via file transfer. This has a negative effect on IT service delivery in many aspects.
Build an open, service oriented IAG architecture that can offer IAG services to other applications.
If you feel not too confident with your IAG after considering these six challenges chances are that you should review your current IAG.