Rethinking the Identity Security Paradigm: Three Ways to Stay Ahead of Identity-related Threats
Authored by Grady Summers, Executive VP, Products
For far too long, I have seen organizations and their IT teams rely on annual or quarterly certification campaigns to verify that their users have the proper access. While access certifications are necessary, the traditional approach of yearly or quarterly certification campaigns offers little value when it comes to spotting risky access promptly or providing the business context needed to approve or deny access. Business managers suffer from certification fatigue, and they end up rubber-stamping everything.
The result? Too many reviews and not enough revocations.
There is a better and more efficient way to manage access. It starts with rethinking the identity security paradigm using a proactive, 3-step approach.
1. Stop Looking Backwards
One disadvantage of scheduled certification campaigns is that you are dealing with access after the fact. “Did Grady have the appropriate access in the past year?” We all know that in today’s fast-moving cyber threat landscape, discovering misassigned entitlements that happened in the past may already be too late. Non-compliance has happened, and identity-related breaches may have occurred.
Now let’s think about how we drive every day. Our attention is on the road ahead, anticipating potential threats like debris in the road or cars weaving into our lane. Managing access should not be any different. A forward-looking approach leverages machine-learning algorithms to turn vast amounts of identity data (including user attributes, roles, access history, and entitlements) into actionable insights. This can help organizations proactively identify access anomalies, spot potential risks faster, and remediate them in a timely manner.
2. Make Better Business Decisions
I often hear the term “rubber stamping” associated with certification campaigns. Rubber stamping often leads to unauthorized access, non-compliance, and an increased attack surface. Helping business managers make informed decisions is critical. Artificial Intelligence (AI) combined with data science tools can help provide deep insights into why a user is an access anomaly and what factors contributed to the deviation. With the right business context, managers and application owners can make faster and more accurate access decisions with confidence and trust.
3. Leverage the Power of Automation
One day, we will get to 100% autonomous identity security. Leveraging the power of AI and automation is a good first step. Organizations should not rely on lengthy, manual, and error-prone certification campaigns to meet regulatory mandates. Consider integrated workflows that can help you automate repetitive identity security processes such as deprovisioning inactive accounts, onboarding new employees, and remediating risky access. This frees Identity Access Managers up to focus on high-value projects.
“…As organizations and their IT teams mature and become more sophisticated in adopting AI and automation, they will benefit from a more proactively managed identity security environment…”
Jay Bretzmann, Research Vice President, Security Products on “Artificial Intelligence: The Key to Identity Security” Spotlight Paper, July 2022
Rethink the Identity Security Paradigm with SailPoint AI-Driven Identity Security
Our recent launch revealed new AI-Driven Identity Security capabilities that can help organizations proactively manage identity security environments. The Identity Outlier Score not only helps organizations spot potential access risks but also helps standardize the measurement of access anomalies across departments. The higher the score, the more likely this individual has potentially risky access. Contextual Insights provides additional information to help business stakeholders understand what factors contributed to the score.
This process can also be automated by pre-configuring the “Outlier Detected” template in SaaS Workflow. An automated workflow can be triggered based on a pre-set score range. Different remediations (e.g., emailing the manager, kicking off a mini certification, or disabling access) can be implemented based on business processes.
In addition, the brand-new Access Intelligence Center offers detailed data visualization with persona-based dashboards. It provides not only out-of-the-box templates but also customizable reports for internal auditors and identity program sponsors to dive deeper into the details.
Reactive and backward-looking identity security solutions can no longer keep up with today’s identity security needs. By leveraging AI and automation, organizations can benefit from a more proactively managed identity security environment with a strong security posture.