Sorting out identity and access management

Wade Ellery at Radiant Logic explains why it’s finally time to sort out your identity data clutter – and how to get started

Digital identities are the cornerstone of a modern business. The processes of Identity and Access Management (IAM) are critical for enabling workforce access to applications and assets they need, while preventing unauthorised access. Identity data management is also a critical component of all  digitalisation projects.

But despite this importance, many organisations are still struggling to get their digital identities under control. Radiant Logic recently commissioned research through Gartner Peer Insights to better understand the current state of identity and found that 61 percent of businesses believe it is too costly and time-intensive to proactively manage identity on a regular basis.

So, what are the major roadblocks when it comes to Identity and Access Management and what can organisations do to overcome them?

Why is identity management such a challenge?

The digital identity crisis is an issue that’s been years in the making. As firms develop and expand, they naturally add more layers of hardware and software. Eventually this results in a disparate mass of systems, each with their own separate user identities. 

Accordingly, the majority of organisations in our research had between 20-30 disparate identities per person, spread across a complex environment of legacy, hybrid and multi-cloud systems.

When you consider that all of the respondent businesses had at least 5,000 employees, and half had more than 10,000, you see the true magnitude of the identity crisis.

Dealing with tens of thousands of disconnected fragments of identity is a colossal task, especially when you factor in decades of legacy systems, IT debt, and the frequency of employees leaving or changing roles.

The task is seen as simply too big to begin, especially when limited IT resources are already stretched dealing with day-to-day tasks and other digitalisation projects.

Think of the IT environment as a house. There are plenty of regular chores that we complete daily and weekly to keep our household running – doing the dishes, vacuuming, and so on. And then there are tasks that we know are important and want to complete, but never quite find time for, like finally clearing out the garage or painting the exterior. You skirt around the edges of the mess as needed, but completely sorting it out is too big a task.

Similarly, enterprises are spending their IT resources on the essentials needed to keep operations running. Two thirds of respondents in our research stated that a lack of budget for identity-based projects was a leading concern.  While they’d like to sort out their digital identities once and for all, there is always something more urgent on the to-do list.

With decades of legacy infrastructure and dozens of identities per user, it’s just too big a mess to make meaningful progress with, and IT teams do just enough to keep things running. 

This is never an ideal situation, but really becomes a problem when a pressing need for effective identity management comes up

The business impacts of poor identity management

Picture your garage, filled to the brim with a decade of junk. Now imagine you have a pressing need to clear out the mess and make the space usable again. Further, you need to organise all these items into a clear new storage system. You look at all the accumulated rubbish and wonder where you can even begin untangling everything.

Businesses are increasingly finding themselves in this unenviable position thanks to major digital projects like cloud migration and the implementation of identity security measures like Zero Trust. Such projects ideally require access and privilege data for thousands of users to be organised, and so are seriously slowed or even entirely derailed when digital identity management is not in hand.

Many firms end up simply migrating all of the mess into the cloud environment wholesale, thereby kicking the can down the road for another few years at least. But this is problematic, creating inefficiencies, redundancies and blind spots that impact operations and increase security risk. Identity-based projects like Zero Trust meanwhile are all but impossible without the groundwork having been completed.

Indeed, the inability to progress with crucial digital transformation projects and legacy system upgrades was one of the most prominent negative impacts we found from identity management issues. The need to sort through thousands of disconnected accounts before any progress could be made resulted in identity-based projects becoming too expensive.

This in turn increases operational costs as more budget is devoted to managing technical debt. Two thirds (66 percent) of organisations reported a negative impact on productivity and staff morale due to issues such as poor integration and a lack of support for new applications and processes.

Security also emerged as a major issue, with many firms feeling more exposed to threats. 84 percent of organisations reported experiencing at least one identity-related breach.

Despite these issues however, IT and security teams often struggle to secure C-suite buy-in before it becomes an emergency. To use another household analogy, it’s like replacing a section of your plumbing. You know the pipes need changing before they wear out, but it will never be the top priority until it springs a leak.

How to finally tackle the identity clutter

The task of sorting tens of thousands of identities scattered across multiple layers of legacy systems is far too great to accomplish manually – at least not without putting all other projects on hold for several years.

As with so many large-scale IT challenges today, automation is the answer. The right automated tools can sort through the thousands of disparate identities and join the dots to establish how they are connected and what they can access. The result is something we call Identity Data Fabric – a single system that encompasses all the identities in the business.

From here, IT teams will have a single pain of glass to view how each account is connected to a human user, and further, what each individual user is able to access throughout the IT environment. The Identity Data Fabric approach is achieved at the data layer rather than application layer, which means all identities are connected regardless of the system they relate to.

This will immediately deliver powerful advantages in securing the network, as this clear view of access levels and privileges will make it easy to spot over-provisioned users that could be exploited. Users will also enjoy a more integrated, streamlined system that ensures all assets are integrated and supported.

In addition to clearing out all of that clutter, firms will now be equipped to ensure it never builds up again, as new and changing identities can be automatically managed as needed, making their identity data not an obstacle, but an enabler of further business growth.

Once this has been achieved, organisations will finally have the time, security team resources and budget to allocate to more strategic projects on digital transformation.

Only active accounts with appropriate system privileges will be migrated to cloud environments, and Zero Trust frameworks can be built around solid, well-understood access controls.

Finally, identity management can stop being a roadblock to progress, and start working as the business enabler it was always supposed to be.

Wade Ellery isField Chief Technology Officer at Radiant Logic

Main image courtesy of iStockPhoto.com