What is Cloud IGA?
Cloud IGA, or using a cloud-based or cloud-connected identity governance and administration (IGA) solution, allows organizations to create enterprise identity management policies for Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS), and Software-as-a-Service (SaaS) products that maintain “least privilege necessary” entitlements to prove access governance over the business’s privacy policy and privileged access management controls across on-premises, hybrid, and cloud infrastructures.
The Importance of Identity Governance
In recent years, there has been a shift in the importance of identity governance to overall IT security strategy that has sparked the transformation. This is primarily due to rapid changes in IT infrastructure, changes in how and where businesses deploy apps and access data. Here are some key trends:
- Increasingly, businesses are moving apps and data to the cloud. Also, data-driven business processes often span hybrid IT environments that may integrate any combination of managed cloud services, unmanaged private clouds, and on-premises systems
- Evolving business models are placing greater demand on corporate information systems. Increasingly we see complex partner collaborations or service relationships involving more agile access governance scenarios
- There has been a total proliferation of mobile devices in the enterprise—from laptop computers and smartphones to the explosion of connected devices. This introduces an entirely new dimension to access governance
These trends have simultaneously placed greater demand on digital assets while causing the traditional network perimeter to disappear. It is no longer effective to pursue a security strategy focused entirely on controlling traffic through every network access point. Instead, businesses are growing more focused on identifying users and controlling what they have access to and what they are doing with that access. However, accomplishing that is no easy task in today’s complex IT environment.
Identity Governance and Administration (IGA) plays a pivotal role in securing this notion of the borderless enterprise. It came about as a merging of market disciplines that were previously categorized under user administration and provisioning (UAP) as well as Identity and Access Governance (IAG). Combining these segments into IGA helped consolidate capabilities that were being managed in isolation.
That, however, is not the end of the story. IGA products still focus on automating the last mile connectivity and ignore the need for simplifying processes and empowering business users. This challenge is compounded by increased adoption of cloud technologies. Managing tens of thousands of identities in a complex and continuously changing IT environment has led to lack of visibility, high level of customization and inefficiencies in all IGA processes. In an effort to make IGA easier to use, more functional, and more scalable, Saviynt has introduced the next generation IGA, which we call IGA 2.0
What is different about Cloud IGA?
Here are some of the core tenets that distinguish this new generation of IGA solution:
- Greater use of machine learning with robust analytics: This enables cloud IGA to take a more automated, risk-based approach to all Identity Governance processes including intelligent access requests, event-driven micro certifications and reporting
- Easy to consume, easy to deploy: A key challenge with first generation IGA solutions is the amount of time taken to deploy the solution and realize business benefits. Cloud IGA increases agility and reduces TCO by offering flexible deployment models and more importantly offering a full-featured cloud-based service.
- Focus on continuous compliance: By ingraining security controls that are mapped to regulatory frameworks, continuous monitoring and real-time remediation, Cloud IGA reduces manual effort to check the effectiveness of controls and simplifies compliance processes.
- Incorporation of extensive segregation of duties (SoD) functionality: Cloud IGA robust SOD functionality with pre-built rulesets address the growing audit requirements without requiring a separate solution.
- Compatibility with hybrid IT architecture: This makes it possible for one solution to provide single pane of glass view across a diverse portfolio of enterprise and cloud assets.
Gartner’s recently published critical capabilities for IGA (download the report here) deliberates on the points I discussed above and more. I encourage everyone to get a copy and understand varied capabilities or considerations while selecting a IGA solution.
In our viewpoint, Cloud IGA is a next-generation solution designed to meet the needs of enterprises operating in dynamic hybrid computing environments. To learn more about Saviynt and the future of identity governance, explore our Cloud Identity Governance and Administration solution.
