Prediction: The Coronavirus Alters Discourse on Identity Governance and Administration

Prediction: The Coronavirus Alters Discourse on Identity Governance and Administration

At Solutions Review, our editors constantly bemoan the lack of respect identity governance and administration receives in cybersecurity discourses. Identity governance and administration (IGA) solutions constitute a major part of modern business cybersecurity and identity management policies and strategies. However, the coronavirus outbreak might represent a sea change for identity governance and administration.  

Yes, the era of social distancing may actually increase awareness and deployment of identity governance solutions. But why? The answer is simple; many of the problems organizations encounter with managing the identities of remote workers mimic the issues IGA solutions solve.  

Here’s why we predict this: 

How The Coronavirus Alters Discourse on Identity Governance and Administration

Role Management and Visibility Matter in Social Distancing

The coronavirus continues to wreak havoc on the lives and livelihoods of people across the globe. Therefore, the outbreak disrupting business’ workflows and processes, with social distancing forcing employees to work from home, doesn’t surprise. 

The principles of identity management and cybersecurity don’t wait for any disease or disruption to pass; they matter every day, and the consequences of failing to properly secure your digital assets still sting.   

Most prominently, visibility still matters in your identity management. Without visibility, your cybersecurity can’t function optimally; you can’t protect what you can’t see. Perhaps most of all, your IT security team needs visibility over the permissions your employees possess. If they don’t know who has access to what, they can’t hope to secure your databases. 

Therefore, the coronavirus outbreak increases identity governance’s prominence because the latter provides much-needed visibility and control over users’ permissions. Moreover, if someone has permissions beyond their station, your IT team needs to have the capabilities to remove them. IGA can provide such capability through its basic functioning.  

Identity governance can help prevent access creep, a problem in which users’ credentials bloat with redundant or unnecessary privileges. Access creep creates new vulnerabilities in your digital perimeter, creating new targets for hackers. Also, access creep can provoke insider threats, a nightmarish scenario especially when users operate so far from direct supervision. 

Temporary Privileges

So, the coronavirus outbreak means that normal channels of communication and workflows don’t function as well as they do normally. Instead, you may need to consider changing those workflows to fit a more disparate, remote employee base. 

For example, you may want to give certain employees access to a database they would normally need special permission to access or which only their supervisor can access. This would theoretically speed the workflows which would only become slowed by waiting for approval. Speed means everything now that so many companies fight for attention in the current digital-only commerce environment.  

However, your enterprise may not want employees to have these extended privileges for too long. After all, it may result in the same access creep problems discussed above. 

During the coronavirus outbreak, enterprises continue to discover that identity governance can help them monitor temporary permissions. Further, IGA solutions can actually enforce the temporary part of temporary permissions; it can automatically activate time limits on the permissions and then revoke them at the end of the time. 

Clarifying the Identity Lifecycle 

Finally, the coronavirus outbreak brings identity governance to the forefront by highlighting the need for identity lifecycle management. Life cycle management involves streamlining and fortifying onboarding, offboarding, and intra-enterprise role changes. Onboarding and offboarding often involve assigning (or removing) privileges quickly as befits their new role in the organization. Failing to do so properly can cause problems in getting workers started promptly (onboarding) or leave a security risk via orphaned accounts (offboarding).   

How to Learn More

These issues we described aren’t unique to the coronavirus crisis. In fact, they existed long before it arose, and will persist long after a cure is discovered. However, the coronavirus outbreak brings identity governance to the forefront of the identity governance conversation in a way never before seen. 

Your enterprise needs to monitor these issues and challenges and respond to them appropriately. Therefore, you should download our free Identity Governance Buyer’s Guide. We cover the top solution providers in detail and their key capabilities.

   

Ben Canner

Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.
Ben Canner