Identity and Access Management: Passwords and Governance

Identity and Access Management

The identity and access management market continues to grow in a wide variety of industries of all sizes. As has been much discussed in many headlines, this is primarily because of three main reasons: 1) It is much more cost effective to implement than in past years; 2) Solutions can be implemented fairly quickly, and 3) Companies have realized the great benefits IAM solutions bring to their organization.

As the IAM market continues to grow, the solutions have become more advanced to meet the changing needs of the many different organizations and the unique challenges that they face. These solutions are not just basic account creation and password management anymore. They have evolved to handle the various types of employees and industries and still continue to progress and grow.

Let’s take a look at some of the newer advancements made in the IAM market that were created to meet the needs of these industries. The following are two advancements that came directly from trends in the market.

Password management for remote employees

One newer trend is employees working remotely. Users don’t always work in the office or on the company’s network. Though they are not in the office, they encounter similar, but somewhat different, issues as employees in the office. One newer solution to a specific problem has been to make the login process for remote workers more efficient and easy. Think of an employee who is quickly trying to gain access on their smartphone or tablet. To open each application in a new tab and enter credentials is an extremely time-consuming process.

A solution that was developed to easily mitigate this issue is cloud-based single sign-on solutions. Users can easily access a portal where all applications they are authorized to access are available. They simply provide a single set of credentials for authentication and can then access their applications by simply clicking on the icon. This allows them to access their applications from anywhere that they are working, whether inside or outside of the company’s network from one place.

This is also extremely convenient for users who are using mobile devices. Many vendors offer the ability for users to download an app on their device. The app will prompt the user to enter a single set of credentials to get to the portal where they can access their applications. For users who are on the go, and use tablets or smartphones, this can be of tremendous benefit. They can access what they need, from anywhere, at any time, without having the inconvenience of authenticating to multiple applications.

While this type of solution is very convenient for remote employees, it is also helpful for many different industries. For example, in education, where students complete a large majority of their work outside of the school’s network and often use many mobile devices.

Security of access rights

Another trend and growing requirement of organizations in the last couple of years is ensuring security when it comes to access rights in the network. While security has always been a top concern, there has been an increased need to ensure the network is secure from the inside and that employees cannot access system and applications with sensitive data unless their job requires it.

This can be achieved with access governance solutions that have become more available in recent years. Access governance ensures that each employee within the organization have the correct access rights to the exact resources that they need. This is important for many reasons including for employees to efficiently perform their jobs and to keep the company’s network secure.

The company first needs to set up a model of exactly which access rights each role in the organization should have. For example, someone working as a manager in the IT department will need certain access rights to systems, applications and resources. By utilizing access governance, it can be ensured that when the account is created it is done so without accidentally making any access mistakes; either giving the employee too many rights or too few rights. This ensures that the employee receives exactly the correct rights that they need and in a timely manner.

Additional methods and modules have also been developed to further mitigate any security issues of access rights.

Reconciliation is another way to ensure absolutely correct access rights. This module compares how access rights are set up to be in the model to how they actually are and creates a report on any differences. Anything that is not accurate can then be easily corrected.

Attestation is another form of checking access and goes one step further — regular verification that everything is correct. A report is sent out to managers of a department showing their employees and their access rights requiring them to verify accuracy. For example, the marketing manager will receive a report on the access rights of everyone in the marketing department. He or she will need to review and either mark access rights for deletion, change access right directly or create a ticket in the helpdesk system to change the access right. After looking everything over the manager must give his or her final approval for the proposed set of changes to ensure that everything is correct.

These are some of the newer trends in IAM that vendors have developed to meet changing needs of organizations. But what about other trends in IAM? Will the industry continue to grow?

Of course; as trends develop so do problems and solutions in the identity and access management space. For example, for remote workers there are still issues that an IAM solution would resolve. Working in the cloud and remotely brings about unique challenges for account and password management since they are occurring outside of the company’s network. As trends change and develop, the IAM marketing will continue to transform to meet the needs of different employees and industries that utilize the solutions.

By Dean Wiech

Sam Bowman

Medical Data Online: What Are the Risks?

Medical Data in the Cloud Executive-level healthcare leaders must have a thorough understanding of cloud-based security risks. Patient data can vary from simple information such as height and weight to complex genetic markers that can ...
Jeremy Cioara

Demand for Cloud and AI Skills Continues To Increase

Demand for Cloud Skills Increases Thinking about adding more cloud skills to your repertoire? Stop thinking. The time to do it is now. For IT professionals, cloud computing skills are becoming an essential resume item.  ...
Yuri Sagalov

IT Culture Clash Where Employees Use Multiple Devices To Collaborate

Employees use multiple devices to collaborate It used to be that company IT decision makers could simply dictate the software that business units would use. However, in today’s business the IT culture clash where employees ...
Hillary T

The Current Wave of Smart Home Technology

The Future of Smart Home Technology Some say the vision of smart homes kicked off with the invention of household machines in the early part of the 20th century, but the current wave of smart ...
Sergey lypchenko 

The Top 7 Latest DevOps Trends to Follow

DevOps Trends to Follow Awareness of the latest DevOps trends is important for companies which consider the integration of DevOps into their development processes as well as the ones already using it. That is why ...
Robots

How DSPs can Improve Straight Through Processing Rate in RPA Implementations by up to 82%

Robotic Process Automation Digital Service Providers (DSPs) today are well placed to take advantage of next-generation technologies like Robotic Process Automation (RPA), Machine Learning, and Artificial Intelligence. As most of the smart DSPs have already ...