Every so often, we here at the Solutions Review Cybersecurity Desk like to review the findings on identity governance and administration (IGA) solution providers’ blogs. Since they are the ones engaging in market innovations, fighting off hackers and insider threats, and conducting the research essential to enacting behavioral changes in enterprises and employees alike, they are the most likely to see identity’s present and future clearly.
This week, we read through the blog of Californian identity and access management and identity governance and administration solution provider Saviynt. We read through their posts from Q1 2018 and beyond to get a better sense of this increasingly important digital identity subfield.
Here’s what we learned:
A few pieces of cybersecurity common sense from Saviynt: identity governance remains an essential component of ensuring privileged access management, even as more and more enterprises embrace cloud adoption as part of their digital transformation. Orphaned accounts—residual access credentials lingering on your network—need to be discovered and removed as quickly as possible to close those security holes in your IT environment. The alternative is far too risky to be considered.
Identity governance requires dedication from all levels of your enterprise to deploy properly. The bare minimum of compliance requirements—deploying only what is necessary according to auditors to fulfill obligations—often means ignoring critical identity issues facing your enterprise on a daily basis. In order to protect against insider threats, Saviynt believes it may be time to perform an exhaustive risk assessment on your enterprise IT environment.
As with all cybersecurity platforms, identity governance can be mature or immature. Immature identity governance programs are reactive, whereas mature programs are oriented to optimization for better performance. Enterprises should consider the latter first if they are truly interested in deploying an identity governance solution.
In the 2018 Gartner Magic Quadrant for Identity Governance and Administration, the technology research firm stated that 40% of IGA buyers will select the cloud-architected solution by 2021. Saviynt agrees with this assessment of the market and provides more context for this claim. On-premise IGA solutions can have trouble scaling and can have a higher price tag. Additionally, an on-cloud identity governance solution can also be a boon to enterprises’ digital transformation efforts.
One of the key capabilities of identity governance solutions for enterprises is their capacity to help ensure regulatory and industry compliance via monitoring identity permissions. Saviynt points out that these compliance requirements can become more complicated with the uptick in enterprise cloud adoption—digital risk signatures don’t always fit cloud platforms and delineating responsibilities across cloud services can prove tricky.
Identity governance can help manage the identity drift inherent in the cloud platform and clearly outline the shared responsibilities in your enterprise’s IT environment. It may be time to consider such a solution for your enterprise’s cloud environment.
Saviynt provides solid definitions for both identity administration and identity governance. The former identity solution focuses on managing the lifecycles and permissions of digital identities. The latter ensures checks and balances in those digital identities, checking on what permissions are granted where and by whom.
Identity governance automates manual processes and provides holistic risk analysis, allowing enterprises to stay compliant with their regulatory obligations and prevent data breaches while reducing the burden of provisioning and de-provisioning during day-to-day activities.
If you would like to know more about the identity governance solution marketplace, you can read our analysis of the 2018 Gartner Identity Governance and Administration Critical Capabilities Report. Saviynt was named in that report. You can download the full report here.
Latest posts by Ben Canner (see all)
- What Can Authentication and Continuous Authentication Protect Against? - June 2, 2020
- Thycotic Announces Acquisition of Onion ID - June 2, 2020
- By the Numbers: Enterprise Identity Security 2020 - May 29, 2020