Insider Threats and Identity

Identity Governance and Administration

Case Study 3_Technology and Product Review for Identity Governance and Administration

While cyber security attacks are often executed by outsiders, insiders also present a major threat. Insider threats stem from, among other factors, user IDs and privileged accounts. This is particularly true at North-by-East Software, where controls over the issuance and management of user IDs and privileged accounts are considerably weak. The theft or loss of confidential information through insiders can result in disastrous consequences, underscoring the need for identity governance and administration (IGA) software. Indeed, in an ever more complex cyber security environment, the significance of IGA software is now greater than ever before. IGA software provides strong security controls against insider threats by enabling centralised identity management and access control (TechTarget, 2014). More specifically, the software enables privileged identity management, role-based identity administration, as well as identity intelligence. North-by-East needs a strong IGA product if it is to mitigate the threat posed by insiders. The firm requires a product that can effectively ensure least privilege and separation of duties.

IdentityIQ: Features, Capabilities, and Deficiencies

One IGA product that can be used is SailPoint's IdentityIQ. IdentityIQ can be used for identity management in mobile, on-premises, and cloud environments. It provides unparalleled integration with the wider information technology (IT) infrastructure. This integration is enabled by resource connectors incorporated into the base platform. IdentityIQ further enables enterprise users to effectively identify (detect), prevent, and control (react to) data breaches. Indeed, detection, documentation, protection, prevention, and reaction are important pillars of information security. Without providing these aspects, an information security solution may not be effective.

IdentityIQ ensures centralised visibility of all information (applications, data, users, and access), thereby minimising or avoiding the threat of inappropriate access (SailPoint, 2015). Also, with its strong detection and prevention controls, the software ensures access is consistently within the firm's policy. Further, IdentityIQ empowers enterprise users by guaranteeing constant access from any device, including desktops, smartphones, and tablets. With capabilities for data governance, IT service management, mobile device management, user behaviour analytics, and privileged account management, IdentityIQ enables customers to make more informed security decisions in an increasingly complex security environment (SailPoint, 2015). These capabilities are supported by the software's unique features, including strong application program interfaces (APIs), a provisioning broker that readily integrates with third party applications, as well as unmatched analytics tools (Kannan, n.d.).

With its outstanding identity management capabilities, IdentityIQ has received fairly high user ratings, scoring 3.7 to 4.3 out of 5 in the categories of evaluation and contracting, integration and deployment, service and support, and product capabilities (Gartner, 2017). Users have particularly reported positive experiences with the software's pricing, flexibility, quality, and functionality. In addition to its robust cyber security capabilities, IdentityIQ enables enterprise users to minimise the cost of identity administration. Without efficient software, identity governance can be a nightmare. IdentityIQ solves this nightmare by providing user analytics, automated policy management, business-friendly access certifications, automated provisioning, access request, as well as strong enforcement of password policy, thereby lowering costs relating to identity management and governance (SailPoint, 2015). Other advantages include smooth implementation, ease of configuration, end user-centeredness, significant flexibility and extensibility, availability of a broad user community, quality technical support, as well as user customisation (Crooke, 2015; Gartner, 2017).

An even more interesting aspect of IdentityIQ is that it focuses on the end user. Most IGA products tend to be IT-focused, with their efficiency often depending on the IT team. IdentityIQ, however, shifts much of the identity and access processes from the IT team to end users (Kannan, n.d.). In other words, dependency on the IT team is usually minimal. IdentityIQ, therefore, can be seen as more business-centred compared to other IGA products.

In spite of its strengths, a number of negatives cannot go unmentioned. For instance, while IdentityIQ is often customized to the unique needs of the enterprise, some users see the customisation as too much, arguing that it may increases costs and maintenance effort in the long run (Crooke, 2015). Crooke believes the software would have been much better if there was a little more standardisation. Other negatives include inadequate vendor documentation and deployment difficulties on virtualised platforms (Gartner, 2017). Nonetheless, the merits of the software far outweigh its demerits.

Relevance for Cyber Security Objectives