This past year, Gartner determined that organizations that implement identity analytics alongside an Identity Governance and Administration (IGA) deployment will result in twice the Return on Investment (ROI) as ones that don’t. This significant increase in ROI can be distilled into three key reasons: the identification of blind spots, continuous improvement of processes, and leveraging identity insights across security solutions. In this blog, I will delve into each of these areas, what we have learned from customer engagements, and why you should prioritize identity analytics when investing in IGA.
Identify blind spots with identity analytics
|Many organizations when deploying an IGA solution tend to prioritize basic security measures such as onboarding new users, maintaining simple access controls, and administering passwords. Where they primarily focus on adding automation to address joiner, mover, leaver use cases within the organization. What’s often overlooked are their blind spots; the state of their current environment, what bureaucratic processes are in place today that aren’t up to par with where they envision the organization to go. Without identifying areas of opportunity for improvement, many organizations result in automating processes that they should in fact optimize or eliminate. This can result in a long timeline to get desired ROI, minimal ROI from an IGA deployment, or a failed IGA deployment that loses funding due to perceived failure to produce results.
One of the most valuable benefits of prioritizing identity analytics alongside an IGA deployment is the ability to track improvement over time. This ensures that you are able to 1. show that your investment is paying off and 2. you haven’t missed any areas of opportunity for further improvement. Identity analytics provides your firm with the ability to customize the use cases you want to clean up and track over time; this will vary industry to industry and firm to firm. In one customer engagement in the higher education industry, we found that it was of great value to focus on login analysis such as identifying orphan accounts among students that have left the university. By adopting identity analytics, universities get insight into whether their existing processes ensure proper deprovisioning of accounts once a student graduates and tracks improvement over time. Although this example is specific to the higher education space, the same value holds true across various industries. What analysis to focus on will vary but the ability to identify risk, remediate risk, optimize processes, monitor improvement over time, and repeat holds true.
Continuously improve processes for optimization
After using identity analytics to identify blind spots and clean up accounts, the solution can and should be used to monitor and improve processes. With identity analytics, firms have a source of truth for monitoring risks, the ability to leverage risk insights in recertification campaigns, and a way to continuously improve the processes generated in the initial deployment.
One of the realities of modern IGA deployments is the use of multiple instances or solutions across a single organization. One of the difficulties in improving existing processes is the lack of a single source of truth. Identity analytics is that layer that can sit on top of all IGA solutions as well as other security investments to provide risk insights derived from correlated information. With this holistic view of risks across your organization, there is improved transparency of your firm’s top risk and where to prioritize your resources for greatest impact.
Across organizations, we are also seeing an increase in the number of identities spanning employees, contractors, as well as an increase in applications. This exponential increase with existing processes has resulted in an inability to ensure accuracy across recertification decisions. Many line of business (LoB) managers may feel this particular pain point as they struggle to keep up with the dynamic relationship across their direct reports and the applications they need to do their job effectively. Many LoB managers may rightly feel that it’s unreasonable for them to truly know if their direct report needs or doesn’t need a particular application to do their job. By leveraging the risk insights of identity analytics, we gain greater insights with tools powered by machine learning such as peer group analysis to identify anomalies across optimized peer groups. It can even provide confidence scores that go beyond high/medium/low risk scores to say we know X% of John Doe’s peers do not have this entitlement, therefore John Doe should not have access. With identity analytics, we are creating a new culture of informed decision making.
As the IGA landscape and organization needs evolve, identity analytics provides the opportunity for greater awareness of existing processes, gaps, over entitlement, etc. and the capability to adapt alongside organizations. With the ability to customize risk policies, remediation workflows, add/remove data sources, integrate with existing solutions, leverage identity insights across security solutions, identity analytics is an investment that can be used regularly over time as it adapts to fit an organization’s needs thus driving even greater ROI.
Make the most of identity data across security
With an identity analytics solution, your organization will have access to a wealth of insights that you will want to leverage with other security solutions. A common pattern we have identified across engagements is between User Behavior Analytics (UBA) and identity analytics. UBA provides valuable behavioral data leveraging real time activity data to identify anomalies against established ‘normal’ behavior. While identity analytics empowers organizations to dynamically manage access entitlements by continuously monitoring for access policy adherence. By leveraging both of these solutions, organizations are able to address two valuable needs: improved visibility and improved response time.
By leveraging identity analytics insights in a UBA solution or vice versa, organizations have the increased visibility into user risk. The correlation of insights across these two solutions will highlight both risky activities that the user may be partaking in as well as risk that can stem from over entitlement. By leveraging identity analytics, your organization is increasing the ability to identify risks early and increase response time. Identity analytics paired with UBA is only one of many integrations where identity analytics insights provide unique data that augments existing investments. By correlating data across solutions in a single dashboard, the value of insights that can be derived is incalculable.
What IBM can do to maximize your IGA ROI
IBM Security Verify supports the identity analytics use cases described in this blog post. The solution can be deployed on prem or in a hybrid fashion, with out of the box connectors for IGI and ISIM and an extensive extensibility framework for third party IGA solutions and additional security solutions. By leveraging our correlation configuration capabilities, you can make the most of your existing security investments to identify blind spots and optimize current processes.
Contact your account representative or the IBM identity analytics team (firstname.lastname@example.org) to start your free trial today.