GUEST ESSAY: Five steps to improving identity management — and reinforcing network security

By Jackson Shaw

The identity management market has grown to $13 billion and counting. While intuition would tell you enterprises have identity under control, that is far from reality.

Related: Taking a zero-trust approach to access management

Current events, such as the global pandemic and ‘The Great Resignation,’ which have accelerated cloud adoption, remote working environments, and the number of business applications and systems in use has complicated matters.

As a result, new solutions and features to address identity challenges have emerged. In a sense, this is a positive trend: change makers are innovating and trying to stay ahead of imminent threats.

On the other hand, there’s a good deal of snake oil on the market, making it hard for organizations to realize the value of their tech investments. Last, and perhaps most significant, many solutions don’t work together harmoniously, making it hard for employees to get work done.

When you consider these points, it’s understandable why businesses end up with too many solutions to effectively manage, or simply default to manual, inefficient processes to address identity- and security-related tasks. But for progress to happen, we must first get to the root of why this is happening.

New research from Gradient Flow’s “2022 Identity Management Survey” aims to do this. From the findings, here are five ways leaders can improve their approach to identity management and security.

•Take stock of vendor relationships. A majority (54 percent of survey respondents with IT job functions indicated that they work with several vendors for security functions including identity governance, risk, compliance, single sign-on, PAM, and security operations.

Shaw

It’s reasonable that businesses will work with multiple vendors to address specific security issues. However, leaders would be wise to consider where they can scale back or consolidate. A good first step is to explore new features within existing tech systems in place.

•Reduce unnecessary applications and systems. Using 10 or more business applications weekly is the norm for approximately a quarter of survey respondents. Remote work (think video conferencing and cloud migrations) has only exacerbated the number of systems employees frequent.

Yet over 40% of knowledge workers queried expect a high productivity boost from using fewer applications or systems. Leaders must find ways to streamline tasks or boost functionality to help reduce context-switching’s effect on productivity.

•Prioritize user experience. User experience (UX) was the top challenge across most segments surveyed. Nearly half of respondents indicated that identity solutions need to provide better interfaces and allow people to work productively and securely. Jumping on new tech systems is not the solution.

Rather, leaders should extend functionality within systems employees are already familiar with. This is likely a reason that 47 percent of respondents use IT Service Management (ITSM) or workforce management platforms to govern things like permissions and entitlements. This approach requires no training and frees up IT teams for more important projects.

•Reduce management time. For all segments surveyed, granting, and removing access took a few hours. That’s valuable time lost for onboarding new employees and too much time for your sensitive data to be vulnerable with those on their way out. In terms of identity tasks, this one is fairly cut and dry, and as such, should be automated when possible.

This also gives organizations real-time visibility into who is coming and going, and who does and doesn’t have access to certain company systems and assets in the case of an audit.

•Take AI hype with a grain of salt. In the vein of automation, artificial intelligence (AI) has been heavily hyped up in the technology world, but it may be too early to see the benefits in identity management. While two-thirds of respondents cited using AI, less than a third yielded moderate to high benefits for their efforts.

However, ITSM can help with this, as it provides organizations with the quantity and quality of data needed—that most are lacking—to execute successful AI and machine learning initiatives.

We still have a long way to go to optimize identity management and security, but understanding the triumphs, challenges, tools, and practices to approach it in a more strategic, beneficial way is helpful. With knowledge comes power, and with this research, we have the power to implement better approaches for identity management and beyond.

About the essayist. Jackson Shaw is chief strategy officer at Clear Skye, an Identity Governance and Administration (IGA) software company focused on enterprise identity access and risk management.

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someone