More businesses are relying on Identity Governance and Administration (IGA) for numerous reasons. Security is an issue, especially since insider threats are at an all time high, and with new laws and regulations concerning data protection popping up every which where. Your business must:
- Secure itself against unauthorized access (whether it be from within the company or from outside it)
- Comply with regulations and pass audits
- Match your competitors’ advantages with the intelligent and automated handling of your users’ access rights
IGA: From a solution for regulated industries to a necessity for all businesses
Governing and recording details of user access rights with an automated system was something only regulated industries used to need. Healthcare companies and even accounting firms (after the Sarbanes-Oxley Act of 2002) were starting to be mandated by federal laws provide audit reports on ‘who has access to what’ within the business. Naturally, an automated system that could allow business users to request access and entitlements to apps and have these requests responded to by responsible managing authorities would be needed. This is how IGA came to be.
Now a gold-standard necessity for any business
But, insider threats are no longer limited to large regulated industries and accounting firms. Any business, new or old, small or large, is a possible target for identity related cybercrime today. Verizon’s recent Data Breach Investigation Report (DBIR) showed that approximately half of all data breaches occur in small and medium businesses as opposed to large ones. More distressing are the findings of InsuranceBee’s Cyber Survey of more than 1,300 SMB where it was found that 83% of SMBs lack the funds to deal with the repercussions of a data breach. Improving immunity is the only right answer, and IGA is the way it must be done.
Your competitors with IGA deployments have significant competitive advantage
Compliance and security aside, IGA also increases the efficiency of your business and improves its overall effectiveness in the long run.
Technologies such as Birthright Provisioning where new joinees are automatically provided access to accounts that are created for them in target apps that they will need for their work and User Lifecycle Management where the access rights of employees who change roles or are transferred to other departments are handled intelligently and automatically, and access is revoked when an employee is terminated) reduce confusion and wasted time significantly which translates into improved bottom lines.
The addition of IGA to your environment is critical in helping you match or gain competitive advantage over your competitors.
Choosing the right IGA solution
According to leading industry analyst Gartner, IGA solutions today, while quite mature, still do not address customer needs precisely.
In a report (Adopting Cloud-Delivered Identity Governance and Administration Published: 3 December 2018 ID: G00361363), Gartner reports “sustaining a reliable IGA infrastructure on-premises has proven to be a constant headache that challenges organizations both technically and financially. Technical professionals have been occupied maintaining and enhancing on-premises IGA infrastructure continuously to meet various compliance and business requirements.”
IAM technicians are hard to come by and most small and medium businesses would be hard pressed to find quality candidates. IGA deployments must become friendly to average users and, if possible, be managed by a third-party on the DevOps level.
IGA Deployment models
There are 3 IGA deployment models:
- On-premise (software)
Any on-premise software puts the burden of DevOps on the customer and lacks benefits of a cloud solution, namely better security and low subscription cost from multi-tenant instances.
Security is better with cloud-hosted solutions because the hosts (like Microsoft Azure and Amazon Web Services) spend millions of dollars on securing their platforms every year, something that most businesses can’t afford.
Cloud-hosted IGA solutions utilize ported versions of on-premise technology and offer only a few of the benefits of cloud computing.
The best IGA solution for most businesses is cloud-architected. These solutions are built for the cloud and are highly agile, share or even fully own DevOps burden, offer the security benefits of a major cloud hosting service, and are classified as services instead of products.
Cost benefit of IGA as a Service
Falling under the broad category of Security as a Service (SaaS), cloud-architected IGA solutions offer one significant advantage beyond agility, reduced DevOps burden and improved security. This advantage is that SaaS-delivered IGA is purchased as a subscription, and not as a capital investment. This means that you can push it into your budget as an operating cost rather than as a capital cost.
Small and medium businesses with budget constraints can fit these offerings into their budgets rather easily as no significant investment is required, and can benefit from a full solution in a few days from purchasing a subscription.
On-premise IAM solutions are also notorious for having long implementation times (sometimes more than 1 year!), low ROI and sometimes just not ever being able to run properly which costs the customer hundreds of thousands of dollars.
Gaps in current cloud-architected IGA offerings
While a leading SaaS-delivered IGA solution is, for most businesses, a far better choice than an on-premise or cloud hosted one, current offerings lack certain essentials.
- Poor legacy app support: legacy apps are dealt with utilizing complex connectors or are simply not supported by most cloud-architected IGA solutions. Businesses that utilize such apps experience a dysfunctional IAM environment when these apps are excluded.
- Significant sharing of DevOps burden: despite the capability of cloud-architected solutions to keep the DevOps burden with the vendor, most offerings require customers to share at least part of the burden. This mandates having IAM-trained staff on payroll, which is a challenge due to skill-shortage and additional overhead for the customer.
- Cloud-architected security services present a general threat to customers in that the customer is completely reliant on the continuity of their vendor’s business. If for some reason the vendor closes shop, the customer may be faced with a crisis to find another IGA vendor on short notice. On-premise installations do not have this issue as acquired software is always available for use, even if the original vendor goes under.
Cross Identity IGA offerings: All cloud-architected and state-of-the-art
Cross Identity IGA solutions are all cloud-architected technologies and solve all challenges in the SaaS-delivered IGA landscape.
- Perfect legacy app support: owning various patented methods for legacy app integration, with Cross Identity IGA solutions you can be sure that every single one of your apps; legacy, homegrown, custom-built, or web-based, will be seamlessly included in your IAM environment.
- No DevOps burden to the customer: Cross Identity handles all DevOps burden
- Two decades of stable business: The risk of Cross Identity IGA services not being available tomorrow due to closure is minimal compared to other IGA competitors.
Cross Identity IGA comes in three flavours:
- CI: one of the industry’s first ever all-in-one cloud-architected IAM solutions with full IGA capabilities
- Identity Plus: an IGA-only solution with more granular options for businesses with highly mature IGA needs
- IGA microservices: Cross Identity is also the innovator of IGA microservices where customers may choose individual function-based modules to purchase on pay-as-you-consume payment models. You may purchase subscriptions to microservices such as
The evolution of SaaS: IGA Microservices
Microservice delivered IGA has two distinct advantages, particularly for small or medium businesses.
- You may add very specific IGA functions to your environment and add more as you grow. This allows you to ‘taste’ the benefits of IGA or solve specific, critical challenges in your business IT environment without paying full price for a head-to-toe IGA solution
- If your business has already acquired an IAM or IGA solution, you can fill the gaps with specific services which are not being addressed.
Some of the microservice-delivered IGA subscriptions we offer include:
- AD Provisioning/Deprovisioning as a Service: provision and deprovision new terminated employees into your AD automatically
- New Hire Provisioning as a Service: automatically provision new hires into various target systems with specified entitlements (along with other features such as Orphan Account Management and Self-Service Password Reset with forward and reverse Password Synchronization.)
- Access Review as a Service: who-has-access-to-what reports for compliance audits, scheduled access review campaigns with automated de-provisioning of inappropriate accesses and identification of orphan accounts
and more…(see https://www.crossidentity.com/services/)
Powerful, reliable and cutting-edge
Cross Identity is one of the few IAM vendors that has existed since the inception of the domain. Our experience as both, (initially) a managed services company, and now a vendor, with countless A-list customers (https://www.crossidentity.com/customers/) means that we know the technology and customer requires better than almost anyone. The level of customer satisfaction we have historically provided has been a point of mutual pride for both ourselves as well as our customers. Our IGA solutions are robust, feature rich, and future-proof. Buy from us today (or Try for Free) and see for yourself!