Today’s enterprises have, on average, 288 different SaaS apps in production. This number only figures to increase as more and more applications are adopted to enhance workforce productivity and enable work-from-anywhere (with any device) strategies. As such, organizations need ways to provide access to these applications and optimize the functionality within the application. Connectors are links between systems and applications that help to synch information between multiple applications. Think of an example where an organization has an HR application to keep track of who works at the company and in what capacity, and then a separate financial application that keeps track of accounts receivable. Given the sensitivity of the financial data that this financial application houses, if someone working in the finance department leaves the organization, first, an administrator would need to trigger an action in the HR system to mark the person as inactive. Then, the organization will need to quickly revoke access to the financial application that comes from that person leaving. If there was a connector between these two applications, where if someone is marked as inactive in the HR system it would automatically disable their access to financial systems, it would cut down on some time and reduce risk.
This is a straightforward example of communication, but as identities sprawl out to include third-party contractors, auditors, interns, employees changing jobs, and more, and as applications become more and more granular, the need to centrally track access rights across the organization becomes very essential, not just for audits, but also for security, and optimizing business efficiencies. This is where identity governance and administration (IGA) comes into play and helps manage the communication between applications and helps to ensure that they can be securely utilized. To communicate with these resources and keep things organized and monitored centrally, organizations need ways to ensure that as employees, contractors and customers require access to these systems or applications, they have the right level of access at the right time. This is otherwise known as the principle of least privilege.
There are a variety of use cases that connectivity between an IGA solution and target systems can, and should enable, depending on the type of target system, including:
- Identity Lifecycle Management
- Access Management
- Reconciling accounts
- Providing advanced risk scoring
- Classifying data
- Locking out identities in an emergency
The common way for applications to perform these types of tasks among one another is through communication protocols. Specifically, for an IGA system to communicate with applications, centralized communication like this is largely done through Application Programmable Interfaces (APIs). With the rise in SaaS applications, the most used web-based APIs are typically Representational State Transfer (REST), or Simple Object Access Protocol (SOAP), where both styles communicate over Hypertext Transfer Protocol (HTTP). These standards afford programmers and developers the ability to design their own code that interoperates with these applications so they can be mapped to fit the needs of the organizations. Connectors can then be easily and quickly built to do a wide variety of tasks including adding users, managing their access, disabling them, but can also be run between other solutions in the IT stack; like an ITSM solution to help unify tickets for access requests and reviews, as an example.
Omada provides connectivity templates for the most common protocols like SCIM, REST, OData, LDAP, PowerShell, .CSV, .NET, SQL, and SOAP. Additionally, the Omada SDK helps to connect with legacy and proprietary enterprise systems that do not provide an interface based on a well-understood API, although these are increasingly less common. To make things complicated, connectivity between two IT systems historically has required custom code development. Further, for some legacy on-premises IT systems, intimate knowledge of both systems and proprietary code is required and needs to be continually maintained and extended in line with new business requirements. With the Omada Configurable Connectivity Framework, organizations have a fast and reliable way to configure connectivity without code development. The Omada framework leverages our strong integration layer with protocol as well as a growing list of generic connectors which provide out-of-the-box connectivity to the most used applications.