How to Solve the Top 3 Struggles with Identity Governance and Administration (IGA)
0 likes376 views
The document outlines the top three problems in Identity Governance and Administration (IGA): visibility into access, third-party user management, and certifying access. It emphasizes the need for continuous monitoring of entitlements, integrating contractor management into IGA programs, and providing tools to streamline access reviews. Solutions include instituting a program for entitlement visibility, incorporating contractors into the IGA suite, and simplifying the certification review process.
How to Solve the Top 3 Struggles with Identity Governance and Administration (IGA)
- 1. Identity Governance and Administration (IGA) What are the top problems?
- 2. What are the Top 3 Problems in IGA? 1. Visibility into access o Do you really have the right access? How has an employee’s access changed over their lifecyle within the organization? Typically, the longer you’re here, the more access you accumulate. 2. Third Party User Management: o It’s the Wild West when it comes to managing contractors… 3. Certifying Access: o We want to do more access reviews, but it’s so time consuming that only the minimum reviews are being done.
- 3. 1. Visibility into access: What’s Right? How do we assign roles and entitlements? Time with the company Amountofentitlements Entitlement ‘creep’: • How do you manage this? • How do justify removing entitlements?
- 4. 1. Visibility into access: What’s Right? How do we assign roles and entitlements? Issues with this approach: • Are the starting roles even right? • How do you know you haven’t over- or under- provisioned? • Are the people getting these roles similar enough? User 1 Department: A User 2 Department: A New User 3 Department: A Amount of matches in entitlements: 10/10 Percentage: 100% Good match for new User Role Conventional Approach:
- 5. What’s Right? Optimal Approach: Visual Grouping: A system that allows automatic grouping of like entitlements; roles are seen as overlays to incoming data
- 6. Available Entitlements 2. Third Party User Management HR System IGA System X Open Accounts: Preferred targets for criminal operators
- 7. May June July August September October November 3. Certifying Access How do I review so many entitlements? Certification review Cycle Timeneededforreview Entitlements per Employee Manager Employees Why so much time needed to run Certifications?
- 8. This is what a Manager has to review… “Where do I even start, and when will I have time for this? Answer: Let’s make things easier…
- 10. Summary 1. Visibility into access o Typically, the longer you’re here, the more access you accumulate. o Answer: Keep visibility into entitlement growth by instituting an IGA program that continuously monitors entitlements and provides an easy visualization into the state of the business. 2. Third Party User Management: o It’s the Wild West when it comes to managing contractors… o Answer: Incorporate contractors into your IGA program/suite. This ensures continual vigilance and reduction of your attack surface area. 3. Certifying Access: o We want to do more access reviews, but it’s so time consuming that only the minimum reviews are being done. o Answer: Make things easier for your reviewers; provide them the tools necessary to perform quick reviews!
- 11. THANK YOU! © 2018 by SecureAuth + Core Security All rights reserved