Identity governance strategies have historically fixed on the question: “Who has access to what?” As the range of identities, including RPA, IoT, and service accounts grows in the cloud, enterprises must also ask, “What are these users doing with their access?”
Moving ahead, we expect more in-depth use of AI/ML technologies to improve risk awareness and decision making for identity-related business processes. One application area ripe for improvement is risk modeling.
Enterprises can take advantage of intelligent risk scoring – based on usage data, behavioral analytics, and peer group analysis – to optimize access certification, requests, role management, and other access management assignments and processes.
Eventually, we expect the elimination of human intervention in access decision-making. While this is not a 2021 revelation, automated access provisioning may soon normalize. For example, instead of providing a Salesforce admin 24/7 administrator privileges, access is granted in real-time and is task-specific – once the admin logs out, access is revoked. AI for adaptive decision making, including applying technologies that consider location data or device insights (like irregular mouse movements) is an emerging use case.
Deloitte notes the opportunity for behavioral analytics to create baseline markers of normal user behaviors. Alongside, NLP tools would develop user profiles and monitor for abnormal occurrences–and learn (and infer) from behavior patterns. This supports faster, frictionless identity related decision making.
We foresee more dynamic risk-based scoring that adapts to user behaviors and attributes, even across an ecosystem of devices, cloud-workloads, and user types. Enterprises will also invest in smarter Attribute-based Access Controls (ABAC) to manage modern identities. These tools incorporate intelligent analytics to create attributes such as user, object, action, or environment characteristics and dictate how a role can operate. Using automation for role-mining, security leaders will create authoritative identity sources.
Intermountain Healthcare’s Allred cites his organization as an example of how frictionless ML-decision making will expand: “Reviewing user-behavior and auditing access for 50,000 users is simply not sustainable.”
Simeio’s Keur also anticipates more AI/ML-guided responses to outlying behaviors flagged by UEBA tools. He expects security leaders to connect user analytic tools to IAM solutions to move past “just giving users permissions and flying blind.”
Identity intelligence powered by AI/ML improves risk awareness, reduces over-entitlement, helps companies identify inactive user accounts, streamlines certification efforts, and increases revocation rates. The ROI is too high to ignore.