We have got an action-packed week planned for the Gartner Identity and Access Management Summit in Las Vegas in a couple of weeks. There are loads of exciting sessions, including a track on Identity Governance, where thought leaders, analysts, customers, and vendors are detailing the next wave of IGA. In the leadup to the event, our own VP of Product Strategy, Rod Simmons recently wrote for Security Boulevard on where he thinks the next frontier of identity governance and administration (IGA) looks like, and outlines four major principles that will be critical in establishing intelligent IGA for organizations of all shapes and sizes:
- Establish IGA Everywhere. This pillar boils down to the fact that not only are there more ways in which people are working, but also an increased variety of employment types (employees, third-party contractors and interns, etc.) that continue to proliferate due to work-from-anywhere trends. As such, IGA needs to be accessible and easy to use for all these users, and ‘meet them where they are working’ and being available within ITSM, communication, collaboration, and any other tool that they need to get work done, securely.
- Create an Enriched Security Ecosystem. Similar to extending IGA capabilities into supporting workflow applications, rather than having one solution that is a mile wide and an inch deep—intelligent IGA can, and should serve as the glue for an enriched security ecosystem by building on the strengths of other best-of-breed solutions, like privileged access management (PAM), access management, security information and event management (SIEM), data access governance (DAG) and cloud infrastructure entitlements management (CIEM) solutions. In doing so, this creates a rich, identity-centric approach improves visibility of risk and compliance by unifying information from the security landscape through bi-directional information exchanges.
- Build Universal Connectivity. IGA solutions have long required heavy customization to meet the demands of the variety of applications and infrastructure that each individual organization brings to the table. This results in lengthy deployments, costly coding errors, and solutions that are challenging to maintain as business requirements change. Particularly as SaaS applications continue to grow and surge in popularity, we see a growing need to take a standards-based approach for connectivity, and leveraging protocols like REST, SCIM, and SOAP, will allow organizations to configure connectivity to a wide variety of applications without the need for lengthy, custom code
- Inform Smart Decision-Making. For IGA to take the next step in adoption and usability, the improved ability to leverage automation and intelligence to support human decision-making—and to automate core IGA tasks like managing the identity life cycle, access reviews and certification campaigns is paramount. However, this requires trust. For this next wave to take off, all the futuristic use cases and AI/ML capabilities need to be able to help teams optimize processes for low-risk items like normal access requests and reviews and regular certification campaigns. Once a baseline of trust is established, automating core IGA tasks like identity lifecycle management, gathering audit and compliance requirements, micro-certifications, and more can be automated, leading to even further productivity and security gains.
If we look ahead to the nearer term at the Gartner IAM Summit, what we are most looking forward to hearing from customers and experts discussing the latest trends in IAM, and in how organizations of all shapes and sizes can get the most out of their IGA programs. The theme of the event is around securing constant change by enabling resilient businesses, and at its core, speaks to the ever-expanding digital footprint of modern organizations, and how IAM tools need to adapt to fit these growing needs, while increasing adoption amongst a continually proliferating workforce. With so many interesting vendors and solutions available to IAM leaders today, it can be overwhelming to try to discern what to focus valuable time, money, and resources to. Moving from hypothetical ‘nice-to-haves’ to actual deployed technology likely requires identifying a gap, mapping out use cases, assigning resources, and then allocating the prerequisite time needed to get a solution into production.
However, it also requires knowing what to avoid, and legacy approaches to IGA are beholden with common traps that can lay waste to an organization’s desired outcomes. At the Gartner IAM Summit, we are excited to hear from Omada customer, Kohler, as well as Omada thought leaders on how to best approach IGA to maximize output and minimize headaches.
First, join Omada VP of Product Strategy, Rod Simmons on Monday, August 22nd, at 11:45 local time, where he will cover how to successfully deploy IGA by first outlining ten common problems that have historically plagued IGA deployments. Then, he will dive into some customer examples of how they avoided overly customizing IGA by focusing on a standards-based approach that was fit to scale, while still deploying quickly within 12 weeks. Next, join Mandy Huth, VP of Cybersecurity at Kohler Co., on Tuesday, August 23rd at 2pm for an engaging session on Kohler’s journey to implementing strong identity lifecycle management, while adhering to NIST frameworks while keeping their workforce of 30,000 identities productive with a modern, cloud-based IGA solution. We’ll also be at booth 201 if you simply want to come back and talk all things IAM and IGA!