By Rod Simmons | Omada
Next week, we’ll be at IDM DACH, speaking with attendees about what modern Identity Governance and Administration (IGA) means to us, and why organizations today need it more than ever. The IDM event has a great agenda, and we’re slotted to speak in the morning session on May 24th. This series of keynotes and presentations are geared towards helping attendees understand how to build back better, with a robust, reliable, and flexible IAM strategy.
Within a broader IAM strategy, IGA can help provide foundational controls to ensure that the right identities have the right access to the right resources for the right reasons at the right times. If that seems like a mouthful, this concept can often be distilled down to a simpler term: least privilege. At its core, least privilege is a simple term with a simple concept, but, businesses today have an uphill climb to secure the variety of identities that require access to a plethora of applications, infrastructure, data, and more that exist within every organization.
We typically think of organizational growth relating to revenue and/or more people, but for IT, IAM, and security teams, as businesses grow, this usually means they will require more (and new) systems to enable their people to be more productive. Recent ESG research shows that the average organization has added 65 new business critical applications within the past 24 months. In addition to these new applications, it’s no secret that organizations are moving to the cloud in order to maximize efficiencies and take advantage of Infrastructure as a Service (IaaS) that removes the burden from teams having to manage on-premises infrastructure, perform lengthy updates, and never-ending patches. However, with great cloud, comes great responsibility. As the number of locations where data and infrastructure are hosted, and where business users work, the more complex it becomes to manage who needs access to what, and why.
Governing all these identities and the varying levels of access they require can be an uphill climb for many, and it can be tempting to purchase entirely new, exciting technologies to cover some of these corner use cases, when in reality, a modern approach to an old problem can be a cure-all. This is where modern IGA comes into play. But to fully understand the concept, first a quick rundown of how modern IGA differs from manual, or legacy approaches. In the manual state of identity governance, organizations rely on human-led processes and tracking of who has access to what. We’ve found when talking to these types of customers that most have taken a first step to managing identities by implementing Microsoft AD (or Azure AD) for authentication but leave nearly everything else to be managed manually. A legacy IGA solution is characterized by customization and high maintenance cost, and typically (although not always) is deployed on-premises. Most of these systems struggle to support automation of complex business processes, and hybrid, or cloud environments.
Modern IGA is a cloud native, enterprise ready, full-featured IGA solution that can be deployed quickly. Modern IGA not only provides high governance and audit standards, modern access automation and decision support, but can be configured to meet the needs of each individual enterprise without relying on customization to make it go. IGA continues to evolve and for any solution to be fit for purpose and meet the demands of organizations today, it needs to be easy to configure, provide elastic scalability, and be able to secure a variety of identities, applications, infrastructure, and datasets.
Join us at IDM DACH, where we’ll share our views of how IGA needs to evolve, highlight key winning strategies from our proven best practice framework, and show how our customers are securing their organization’s identities with successful modern IGA programs that are delivering rapid value and low total cost of ownership.