What is identity governance and administration and who needs it?
Getting rid of the buzz words
Let’s split out the term ‘Identity governance and Administration’ and define ‘Identity Governance’ and ‘Administration’.
Identity Administration refers to the activities an organization must perform in order to make sure that all users that interact with the organization – be they employees, contractors, partners or customers – have just the right level of access to systems and applications that they need in order to be effective in their role, whilst ensuring that nobody has any access that they don’t need or shouldn’t have.
Identity Governance refers to the process when organization needs to be able to prove that access is being managed properly, for example as part of the internal audit process or to support regulatory compliance efforts.
Put simply, when combining both terms together, identity governance and identity administration allow an organization to control and manage user access based on central policies. In other words, controlling who has access to what, where and how.
Is it possible to do Identity Governance and Identity Administration using a combination of spreadsheets, helpdesk tickets and elbow grease?
Homegrown IGA and indeed many organizations do; however, it quickly becomes apparent, even for small businesses, that there are serious limitations to this approach – both in terms of efficiency and security – which means it is not viable beyond low hundreds of users.
Problems associated with a manual, spreadsheet and ticket driven approach
Humans tend to be focused on the job at hand – meaning that they are quite good at giving access but very poor at remembering to take it away when no longer needed. In addition to this, the actual process of managing user accounts across many different applications is extremely time consuming, which can lead to long delays in granting access or taking it away.
The answer to these challenges lies in identity governance and administration systems – these are software platforms that are built to fully automate the processes involved in managing access as outlined above. They typically automate the management of user accounts across all of the applications in the organisation, automatically calculate access rights according to a user’s role and provide tools to prove that access is being managed in accordance with policy.