Commissioned by SailPoint
1 Executive Summary
IGA (Identity Governance & Administration) is a core discipline of IAM (Identity & Access Management), and it is a must-have for organizations. IGA not only helps increase administrative efficiency in managing user accounts and achieve regulatory compliance, but is also the foundation for convenient, friction-free user journeys for all types of users. IGA has grown well beyond its initial scope and shifted from a must-do to a must-have solution.
While IGA has been complex to deploy, customize, and run in the past, this is changing with the shift from traditional on-premises deployments to IDaaS (Identity as a Service). IDaaS also opens the door to efficient and successful IGA for medium-sized and mid-market businesses in every industry.
For larger organizations and those in regulated industries that were already obliged to implement IGA, IDaaS provides the benefit of simplified deployment and operations. It helps remove many of the burdens of IGA adoption that came with monolithic on-premises IGA deployments in the past. Simplified deployment based on standard configurations, broader support for and simplified integration of target applications, and the option to segregate their own customizations from the standard by using APIs (Application Programming Interfaces) reduce the cost of deployment and operations.
IDaaS also helps speed up the implementation of a Zero Trust architecture, where IAM takes a central role. Zero Trust starts with the authentication and thus verification of the user. Managing the entitlements of users and authorizing against these entitlements then adds the continuous verification. Having strong IAM in place is thus a cornerstone of Zero Trust.
With the shift to IDaaS and modular architectures, new capabilities are also easier to add. Instead of requiring the complex deployment of a new major release, such capabilities become available as an additional IDaaS service. Utilizing AI/ML to augment users in dealing with the complexity of managing access entitlements is a common example of such an extension of traditional IGA.
While IDaaS simplifies IGA, it does not remove the need for proper planning. Success always starts with a plan. This involves aspects such as defining the tenant and provider responsibilities, defining a Target Operating Model (TOM) for IDaaS, and the phased planning of the roll-out of new capabilities and integrations to target systems.
SailPoint, with its SailPoint Identity Platform, delivers a comprehensive IDaaS-based IGA solution that makes extensive use of AI/ML for augmenting users in dealing with the inherent complexity of managing access entitlements.