Webinar Recording

Cloud IGA: Built for Hybrid Reality


Log in and watch the full video!

Conventionally, Identity Governance and Administration (IGA) products have been developed and deployed with a focus on on-premise IT systems and applications. While IAM leaders were still struggling with IGA solutions to deliver effective identity administration and access governance, the move to cloud with a need to support an increasingly mobile workforce has entirely changed the IAM priorities for organizations.

Log in and watch the full video!

Upgrade to the Professional or Specialist Subscription Packages to access the entire KuppingerCole video library.

I have an account
Log in  
Register your account to start 30 days of free trial access
Register  
Subscribe to become a client
Choose a package  
Good morning. Good evening. And good afternoon, depending on where you are from I'm Ann ING from KA Cole, and I'm joined by Jonathan Neil director solutions engineering from ENT to talk about cloud IGA, that today's webinar topic. And we are going to discuss how increasingly cloud IGA is becoming a reality to manage the challenges of today's hybrid it environments. So before we dive into the topic, I would like to take a couple of minutes to introduce you and talk about cupping, a call who we are. So cupping a call is a company founded in two, four is an internationally independent Analyst organization. And we offer neutral advice, expertise, thought leadership, as well as practical relevance across, across a range of topics, concerning information security, access management, risk management compliance, as well as several other topics around add transformation.
There are three keepers to coming called sub business area. The research evens as well as advisory. So we provide research on all major topics, tailored to your requirements. The research is all vendor neutral, practically relevant, as well as very independent. We also do events across geographies, their conferences of webinars, and we also host special events. We provide innovative leadership, target leadership, a very future proof approach, as well as various networking opportunities and meetings with the experts in the areas you like to talk about. And finally, we have got advisory to provide you with best in class and trusted advice. So you can take us as your trusted advisory partner. We talk about your challenges to make sure that we can help you make your business more successful, giving you, giving you advice in that direction, as well as keeping you more up to date with the advice in the either of digital transformation.
These are some of the coming calls, upcoming events. We finished EIC event, which is the premier event from Cola, some two and a half weeks back. And we are looking forward to these. One of them is a consumer I world, which is, which is connected across the regions in USA in September in Europe, as well as an Asia in Singapore, during November timeframe, as well as adults going to be a cybersecurity leadership summit in, in Berlin, in Germany, as well as in USA. Well, here's the GDPR read readiness assessment. GDPR is already out and yep. We have seen how the market has been responding to GDPR, though. If you still need advice or on assessment of how compliant you are, do you still need to, to build some controls, to manage GDPR wash the risk that you might be having with your current controls to manage GDPR, you might want to take this assessment a tool that can help you give some insights into, into what's really missing. All right. So have we come to the guidelines for this webinar? All of you are essentially muted. So you would have to really mute, unmute yourself. The webinars recording is going to be available tomorrow. And we'll ask you for your questions towards the end of the session, but please feel free to enter questions, time using the good webinar control panel.
The agenda is about me talking about the IG deployments traditionally, and why an on-prem IG deployment model that we have been following for a while. Isn't really good enough for modern enterprises, especially because of those market challenges or market trends that have disrupted the traditional IG deployment models. I will also talk about the evolving landscape of IG solutions, the key trends of the market, and yeah, what organizations should be looking at while evaluating IGA for their requirements. After this, Neil, Jonathan will talk about the savings approach to access governance and intelligence, as well as he'll talk about hows is providing cloud anti-government solution for its customers. And what's, what's how reallys can help you manage your IGA. And finally, we'll have the question answer spot.
So right here, we dive into the presentation. Why do we need IGA, or why organizations have been looking to implement an IG solution? Traditionally, we have seen that managing entities, provisioning entities and other related tasks have been a part of it operations for most organizations, but over time it has evolved into broader landscape, or I would say broader set of technologies that we combine to call IGA. And it within itself is a very strong risk and manage risk management discipline that supports business. And I would say the information security priorities for organizations. So IG basically covers various aspects of managing entities and the attributes taxes and entitlements, the roles, the relationships that these various entities have within themselves, as well as provides you several other IG capabilities. So we talk about identity. We have got various administration, or I would say lifecycle management requirements, which are associated with user identity.
Think about provisioning de provisioning, basically your entire joins moves and levers process across various target target systems in the organization. Talk about password research, password management, access, approvals, access requests, as well as access certification, all these various processes, which are associated with managing identities. So there is administration of these identities, as well as the various access and entitlements, which are associated with an identity combining all of those entitlements across the range of applications and target systems, which, which gives rise to large database of roles for most organizations and gives you, gives you the, the requirement for managing roles across all these various applications and systems you have got roles, managing roles, includes creation, role provisioning, role mining, role engineering, all those various capabilities, which are expected from an IG solution today. Also we have got various authorization management requirements when, when it's, when it comes to managing authorization, based on, based on the accident, settlements of users, there are capabilities like dynamic authorization management, which deals with authorizing users based on, based on their access relationships for various applications and, and also roles.
They're also the capabilities around segregation of duties, risk analysis, comply, provisioning, et cetera, that will talk about in upcoming slides. But overall, all these various requires, which are a part of IG ecosystem today are increasingly required by organizations to, to combat a number of various risks, I would say, or even frauds, which which can happen without, without efficient IGA technologies. We also talk about IGA providing you with, with insights into governance, across all these various functions, which can be fed back into the overall administration to optimize your IG processes. And increasingly there is use of audit analytics as well, which can provide you effective, effective information. I would say information to, to, to really, to really provide a better IG overall and make, make business or help business with, with effective decision making processes.
So here are the primary IG challenges that we talk about in the market today. And some of them have been really have been really originating from the kind of deployments that we have for IGA. So talk about the disparate Ary repositories that we have in organizations, most organizations, they tend to have separate identity stores. They have got separate anti store for, for HR applications, separate for EERP applications, for many, for many financial institutions and banks. We have got sensitive applications or business critical applications that have maintained their own anti repositories for several reasons, which only create complexity as well as inconsistency in, in the IEG processes. So that has remained. Does that remain quite a specific challenge for most organizations when it comes to dealing with IGA or consolidated IG? I would say IG has also been very much compliance driven for, for a long time and the risk aspect or, or bringing in risk based thinking is, is, is not, is not a priority for IGA. So again, this has been changing over, you know, over last couple of years where more and more vendors are offering risk based capabilities, especially things like risk based analysis, risk based access certification campaigns, which have helped drive IGA in the direction of, of risk management rather than just being a technology to help ensure compliance.
IGA has always been overridden by customizations. So many organizations have heavily customized IG tools to meet their business processes. And this has led to complexity as well as confusions for number of organizations as to how smooth IG deployments should flow or smooth business processes should flow. So I think there are, again, there are again, technologies and relief, which vendors are offering using some technologies, for example, providing templates for common business processes, cetera, to reduce, reduce the customizations by organizations as well as reduce the time to deploy an IGA, or I would say to, to kickstart an IG program for, for the organization organizations. And finally, it's the, it's the hybridness of it, which has also impacted traditional IG department models. Increasingly we have applications which are hosted in partner networks in, in cloud. We have users accessing these applications, or I would say for example, requesting access to these applications from various SP forms, including applications, mobile applications, other networks, et cetera.
So I think the, the variety of devices that users are using as well as the various applications where they're hosted has also challenged the traditional deployment models, where the IG did not support all these various types of deployment models. So increasingly we are seeing that IG solutions are providing support for cloud applications. We are using various protocols and essentially scheme, for example, has become a defactor standard as well as many of the types of protocols that they're using to integrate with applications in the cloud, particularly cloud-based IG deployments have also been successful for orations who are heavy on says and is adoptions.
So here are some of the market trends that we talk about in IG market today. Some of them might be relevant to immediately relevant to your organization, but some of them are, are just trends that we have observed based on interactions with customers, but they, they might be, they might be more practically relevant to you once, once you have a strategic decision in, in those directions. But yeah, we have example in integrations, obviously the IgM market is a, is a combined market of traditional IEG and UAP. I think it's audit the access governance and user and access provisioning markets. Increasingly IG market provides you with, with, I would say a good mix of both ID provisioning, as well as access governance requirements or capabilities. There are still vendors out in the market who are, who are just providing either ID provisioning or access governance, but more established payers already have a good mix of both ID provisioning as well as access governance capabilities.
Although there might be a, a difference in the, in the depth and the breadth of, of the capabilities that they support, and that would make them either provisioning, focus vendors or governance focused vendors, but really it depends on what kind of IGA use cases or requirements that you have and what's your immediate requirement. So which one would you prefer to, to meet your IGA requirements? So, yeah, that's the combination, but again, if you talk about integrations, increasingly the IGA requires integration with several other enterprise business systems to provide you the right business value in the organization and to prove the credibility of IG solution, for example, to, to, to, to stakeholders. So talk about integrations of IGA with enterprise mobility management systems, the em systems, if you're looking to provide support for mobile applications or mobile devices. So integration with em is something which IGA vendors are targeting.
Same time integrations with it. Asset management systems integration with it, service and support management systems like ServiceNow remedy, et cetera, integrations with E one data access governance tools. Some of the vendors are providing DG capabilities inbuilt to the, to the IGA parts. But those who do not then IANS have to look for an external detects governance PR as well, as well as integration with Pam privileged access management solutions is also something which, which we are witnessing in the market for providing capabilities like privileged access governance, because most Pam tools today do not have their own policy and workflow management capabilities, for example. And they can leverage on the, on the workflow capabilities of IGA tools to provide access governance, privilege, access governance capabilities. So, yep. Integrations has been, has been key market trend from, from IGA vendors. Then we talk about enhanced use experience. And I think that is something that we are seeing across all the IM technologies, but yes, IG is also very much impacted with the requirements of better use experience, being a very important selection criteria for, for a number of use cases.
Many of the vendors have actually re-engineered their, their, you know, IGA interfaces or are, or, you know, they're trying to re-engineer it to make it more convenient as well as providing less friction for users, especially for example, supporting shopping cart, like experience for users when they're trying to request access or, or approvals automated reviews is another key trend that we are seeing in the IgM market where, where we can use a number of various techniques to provide automated reviews for access requests, for example. So a manager who might be looking at reviewing the request and approving the request can, can, can get various feeds or advices or recommendations as to whether he should approve it without, without looking at any of their constraints or limitations or whether he can simply approve it for, for, for reasons like the user has been, you know, the peers of the user have been already have access to this, these resources and, and certain other factors as well.
So automated reviews using, you know, data analytics, techniques and machine learning techniques are also are also getting traction in the market. Then we have got obviously analytics techniques, and I think this is closely associated with integrations with U E B a user and entity behavior, a tools for, for certain enterprises who like to, again, gain insights into how they can derive intelligence across what the users might be doing across applications or systems. So using predictive analytics techniques and integrating IG tools with these tools can provide you correlation of activities across various systems. For example, to, to get intelligence across what user might be doing was the risk level of the activity, and whether that needs to be flagged or alerted to, for example, your steam systems.
Obviously I talked about this, the other trend is basically the template libraries, which most vendors are already offering to basically help ions reduce the overall deployment time, reduce the customizations that they might require, and also follow the standard business processes. Sometimes that IANS might have to fit their processes according to the, you know, the business process, the template libraries. So they're offering the ready made templates, workflow templates for, for, for used by the organizations as well. Then we are always seeing some interests in the market for lower TCO. So we are seeing that organizations are interested into how they can lower overall TCO by various techniques for overall IG deployment. And I think that's also been key trend in, in the market to, for example, and I think that the, the diploma in the cloud is basically a big, big factor on how organizations can, can lower the overall TCO.
Reducing the complexity is obviously something that helps in bringing down the TCO for, for IG deployments and selling other factors as well. Things like out of box integrations with enterprise systems, as well as things like solutions, which can actually provide you, I would say, competitive pricing and discounts based on different types of pricing models, a user a month, or, or a user per target systems, things like that can actually also help you to, to lower the overall TCO. I talked about cloud IG already, and this is something which, which, which is definitely defining the overall market because move to cloud for most organizations is supported by a cloud-based solution, can significantly reduce the integration costs as well as certain inefficiencies, which they have to deal with while trying to integrate or bridge on pre IGA to the applications in the cloud, especially when it comes to execute the governance across all the various applications and systems in the cloud on pre IGA has certain limitations, things like analyzing, analyzing the system information logs, usage information, which is, which is critical for effective governance may not be available immediately for, for on-prem IG solutions. And therefore that may not be as effective as cloud-based IG deployment side. The various benefits that you can get from a cloud-based ID deployment in terms of time to value in terms of ease of support upgrades, et cetera.
Finally, we have got key trend around segregation of duty controls management, and that is something which has been, which has been lacking from most IG vendors. So they do not provide support for segregation of duty controls for complex authorization applications or applications. We have got complex authorization models and, and that would include most ERP applications, which are, which have a very different deployment model today. So ERP applications are no longer one ERP platform for most ations integrations is sourcing various ERP functions separately from various cloud providers. If example, example, you have got Salesforce for your CRM, you have got Workday for, for, at cm, you have got con for, for your, your, you know, transaction or expense management. So all these various ERP functions, which are sourced from various drug providers, it's very difficult for S to have a consolidated policy management, or I would say implement consistent authorization policies across all these various applications or correlate the authorization levels across various applications in, in this postmodern E P environment.
So how can, how can IG solutions provide support for risk analysis across all these various applications, and also help you with, with providing consistent authorization controls across all the various applications, both on-prem as well in cloud is very important. So I think, I think the vendors now, they are really improving on what kind of segregation of duty controls that they can provide. And significantly there are, there are, there are vendors who have, who have been offering, offering pretty effective segregation of duty controls today in the market. Ands is definitely one of those vendors who is offering just some, some important and effective capabilities in, in this market. Well, with that, I would like to hand it over to Jonathan to, to talk about the access governance capabilities and approaches of savings.
Great. Thank you very much. Yeah. Can you hear me?
Yep.
Okay, great. Perfect. Thank you very much. So good afternoon. So yeah, my name is Jonathan Neil. I'm the director of solutions engineering for Saven in Amir. And in this sort of short presentation, I'll be talking a little bit about how sages IGA technology is built for the sort of hybrid reality of today as described by animal.
So if you think about what the reality of today is, and, you know, I, this a lot when talking to a lot of our customers in the EMEA region, what they tell us is, you know, digital transformation, cloud initiatives, you know, really driving business and sort of technology innovation at a faster rate than we've ever seen before. But also the organizations are really struggling to keep up with the demand of additional sort of compliance and regulation mandates, which is taking an increasing amount of time and increasing amount of cost for them to become compliant. So having these digital transformation, having these clouds first initiatives is actually, you know, leading to increased risk because there's a lack of consistent view across these different, important business assets that effectively result in an ineffective security posture.
And what we also hear is hybrid. It really is the new norm for all of our customers. And an interesting fact, 6% of all it spend is gonna be moving to cloud by 2020. So more infrastructure, more applications, and certainly more administrative services are gonna be spanning both the on-prem and cloud resource space. So identity governance plays a critical role in achieving security, compliance and visibility whilst the business adopts these new innovative technologies. So why is there a need to redefine IGA? Well, we talked a lot about some of the problems with traditional IGA that they would develop for OnPrem, that they were often subject to very heavy customization. They just weren't designed to live in a world where there were very complex applications, cloud infrastructure, data repositories, meeting the demands of not only business to enterprise, but business to business and business to consumer.
So today's, today's reality really is, well, you know, identity is the new perimeter, whether you like the terminology or not. It is the mechanism from which we get visibility across our business critical assets. So our applications, our data, our infrastructure be that on-prem, or, or in the cloud, but also having appropriate controls in place to effectively meet regulatory compliance and to deliver improved monitoring. And also control is the new imperative for an organization. And then finally having the right levels of analytics to move away from that tick box based compliance that those legacy solutions used to deliver to more risk based security detection. And also response, you know, is the new level of prevention that you have within the organization.
So what ISS approach in developing a next generation IGA solution to meet these demands? Well, we set about delivering a solution that would enable organizations to start securing governing and gaining visibility over those business, critical assets, their infrastructure, their production workloads, their collaboration tools, where their data resides with IP, GDPR, PCI data, and obviously maintaining that control and level of governance over their existing legacy on premise applications, but also those applications that are moving into the cloud, but to design it on three key tenants. So one is to provide a frictionless experience. We wanna be able to make it easier for the different types of users, actors, personas that we have that need to leverage an IGA solution to be successful, be that an end user, a manager, an application owner, a role owner, or a risk and compliance officer. We need to be able to scale not to scale, to meet the demands of millions of users.
But now we're talking about scaling to meet the demands of hundreds of connected applications. A lot of these applications are very complex in the nature. They have very complex security and authorization models. So you've gotta have a tool that allows you to scale to meet those demands, but also to be able to perform at a level, that's gonna give you information at the right time when you need it in terms of analytics, risk, and visibility, and then finally shift left. So these legacy tools were all pretty much technology tools. They were very hard to be implemented by an organization because they were very technology focused. So shift left is about reducing the burden on, on it and empowering the business user, you know, to participate in the overall experience of identity governance and administration across that hybrid it organization.
So within saving what we've done is we have built a solution based on an identity warehouse and a security warehouse. It gives us the ability to use standard out the box connectors to integrate with those key systems, those key platforms, such as your infrastructure providers, your data collaboration tools, or your on-prem or cloud based applications, bring that information, not just about user identities and accounts and authorizations, but also look at things like usage logs and audit trails in those end user systems. The idea is to be able to paint a picture within a single pane of glass, which can tell you who has access to what at any point in time, but what does that access secure? Because it's not straightforward anymore. You could be giving somebody access to an Azure ad group that might give them access to some confidential data or some confidential applications through an authorization process. So you need to be able to describe, you know, what, in reality does that access actually secure and what is the risk associated with that access? And then finally, the third important question when we are talking about IGA from a 360 degree, holistic view is what are these users doing with those or those permissions, you know, are they behaving appropriately? You know, are they doing the things that they should be doing within those connected applications and systems?
So whats provides is very much a, our approach is a modular approach. So if you have a look at the bottom of the screen, you will see that there are the common sort of features that you would expect from an IGA provider. So being able to access requests or certification some basic password management or some privileged access management, but what we've done at saving is we've leveraged all the data that we can bring into the system. And then using our powerful analytics engine is we can add additional layer of intelligence, risk, and usage analytics to all of those processes. So infuse more context and more meaning to an access request to make it intelligent to a certification process, to make it more business friendly, to make the certifier understand, you know, is this the right level of permission for a certain user?
And is that user using that resource? So you can start to get a better picture of your overall compliance holistically basically. And then in the top pillars, what you see is we have developed very fine grained integrations to a number of providers in the infrastructure, access governance space, the data access governance space and the application access governance space. So with infrastructure access, we provide near realtime workload security. So everyone must have heard of a data breach where somebody has put data on an encrypted Ary bucket or an unencrypted snapshot somewhere. And that has been breached. These are totally unnecessary and preventable, preventable risks that we see in organizations. So we have the technology to provide those near realtime preventative controls, not just within the, the infrastructure as a service provider, but also throughout the, the DevOps or the dev sec ops community as well. In data access governance.
We see a lot of organizations that are now looking to collaborate with their business partners. They're using additional collaboration tools, such as Microsoft Azure, B2B B2C, they're using office 365 SharePoint to collaborate documentation, to work on joint projects and joint ventures. They still have a problem on visibility and on governance and on permissions management and even privileged access to those types of platforms. And then finally in the access governance space and Mo was talking about the provision of, you know, sod capabilities or app application GRC capabilities within IGA know, we have that across a number of leading E R P and financial applications. But as we go through the presentation, I'll talk a little bit more around how we see that, that evolution in relation to, to hybrid it.
So we fundamentally believe that the successful deployment of any IGA tool really does lie in understanding the user, the user's experience, you know, and the user's imperatives. What do I need from the tool in order to be successful? What do I need the tool to do for me in order me to consume that tool and use that tool? So we have to identify the different personas, the different actors that we have in the organization and make sure that we present, or we deliver the right level of functionality, the right information to the people so they can perform their, their task. So for an example, a requester, what do they need from an IGA tool? They want something which is very easy for them to find access or find services or systems they need access to through an intuitive, you know, shopping cart process. They need a glossary that will transform a very technical, you know, permission or enterprise role or technical role into some meaningful language that they understand in terms of doing their job.
The approval on the other hand needs to be able to understand, you know, what is that request? What is, is there any risk associated with that request and you know, what would happen or what would be the impact if I would, you know, approve or reject that request, you know, on behalf of that user. And there's lots of other different, you know, requirements around people that own compliance people, that own individual applications or people that participate in certification or access review processes, you know, they all need different levels of information in order to be successful in order. And also in order to migrate your IGA tool from being a technology compliance driven process, to give, to giving you better business results, better levels of security and better levels of compliance.
So in saving, we use a lot of different forms of analytics to improve the user experience, but also to improve our security posture also to improve our capability, to be continuously compliant across our, our IGA tool set. So one example is peer group analysis. So this is being able to look at a group of individuals within your IGA solution that might share common characteristics, common attributes. It could be the same job, the same department, the same manager, and start to analyze, you know, what the, or the level of coherence is across all these users. They should all have a similar level of access if they're all performing the same job. So this level of analytics can very quickly help to identify those people that are carrying excessive entitlements. Perhaps they've been in the organization many years and they've not been deprovisioned appropriately as they've changed roles. So being able to, you know, work out, you know, who are the, who are the outliers? Who are these people carrying excessive privileges, you know, is one very simple, but very one very powerful level of analytics. And on the flip side, we could also use that same analytics to get a better experience for people that are maybe newly hiring into the organization into a job role that is shared by a number of other individuals.
So what we can do within those types of scenarios, such as access requests is along with other analytics, we can look at peer groups. So what, what peer group does this use to belong in? And what is the level of access that is common across all of those people, to a certain level, and then to the hiring manager or to the user themselves, if it's self-service, they would get a list of recommended applications that they should request, you know, in order to be productive. So it's very similar experience. If anyone's used Netflix or Amazon and you buy something, or you watch a certain movie, it's gonna give you a recommendation to buy something else or to, you know, or to watch another movie or, or another program. But essentially throughout all of these processes, join as movers levers. We are always evaluating risks, both risks that are static in nature, such as our security or business policy, our sod rule sets, maybe it's managing license deviations or, or license violations. And also those more dynamic risks, you know, the, the, the outliers, for example, or perhaps we are tracking the history of a certain level of access. So if an access has been requested a hundred times before, and it's been rejected 90 times, then our level of confidence that that level, or that access will be approved by our approver is gonna be very low. And again, that's just an example of giving you that visibility into all of these processes.
So now why does application governance matter? Well, traditionally, you know, organizations used to purchase the like of SAP or Oracle, and it would run their ERP, their finance, their crown jewel applications. And then what they would do is they would then buy from that same vendor, a tool, which would allow them to do some, some GRC. So some sods analysis, some remediation, mitigation, and, and other things. So in saving, we have the capability to do, you know, increased level of governance across those typical types of players, the SAP, the business suites, but what's changing in the marketplace is most organizations don't have that one single platform anymore, which is handling all of their finance, their, their E R P their CRM as well. They're assigned to look for things like Salesforce or Workday financials. So an organization that used to have everything in SAP or everything in Oracle business suite now has to worry about sod violations that might be driven from someone having the ability to create vendor record in salesforce.com and then approve invoices for that same vendor in SAP.
So what we've done within saving is we've created the ability to take all of these out the box rule sets that we provide for those sort of siloed applications, but then to be able to tailor them, to create what we, what we term cross application or cross platform rule sets that allow us to enforce, you know, toxic combinations of entitlements across desperate disparate platforms or applications, you know, across your, across your enterprise. And of course, having the ability to use analytics for both preventative and detective analysis for remediation or mitigation of sod violations across different applications, through analytics and through, you know, intuitive work benches and, and dashboards, again gives much better level of visibility to users that maybe didn't necessarily understand the risk associated with technical descriptions of violations.
We talked about integration. We do a lot, a lot of integration. So when we're building our entitlement and security warehouse within our repository and Saven, we are not only bringing in, you know, our accounts, entitlements, usage, logs, audit logs from our enterprise or cloud applications or our HR systems. But we have out the box integrations with common I TSM services. So again, we can get information from those ticketing systems or even existing IDM technologies. If they're still present within an organization, we can augment that with information from scene technologies as well, or log systems, and effectively use our analytics and recommendations to help not only get visibility and clean up, you know, your accesses, your entitlements, your outliers, your risky users, but also identify, you know, where your most important applications, your most important data resides. And then being able to putting continuous compliance controls, security, risk signatures to keep you consistently compliant or continuously compliant.
So these analytics or these security controls, these risk signatures effectively start giving you the ability to work towards, you know, IGA as a real time prevent prevention tool. Being able to understand in near real time where those violations are being able to take immediate actions to remediate certain types of violation, or at least prioritize those that are most, most high risk to, to an organization. We do this across data repositories or infrastructure services. So we can prevent those data breaches from an encrypted S3 bucket. We can prevent people from uploading sensitive documents into a SharePoint site that has been shared to people outside of the organization and so on and so on.
And also with continuous micro certifications. So gone are the days where we, we rely upon those quarterly six monthly annual certification campaigns. We wanna be able to drive continuous compliance by looking for certain types of events, certain types of risk or risky behavior, and then immediately kicking off a certification. So someone has to approve or re-certify that access. So all of this is in a single platform covering your AWS, your Microsoft Azure, your Google cloud platform, office 365 SharePoint online Google apps box Dropbox in the data access space. And then obviously across applications, we're talking Cellpoint SAP, Hannah, Workday, Oracle business, suite, Microsoft dynamics, and so on and so on.
And all of this is again, flexibly deployed. We talk about agility. We talk about, you know, time to deployment or, you know, time to value. It's a cloud service. It's much faster. It's a configured, not code. You don't have to worry about employing arm and developers to make this the tool fit your needs. It's a configuration only we worry about all of the upgrades, keeping you secure, keeping your platform up to date on the latest version. And of course, hitting the ground, running with those ready to go, templates those out the box rule sets out the out the box, risk signatures, compliance, controls, and everything else. And with that, I believe we've got about 10 minutes left for questions. So thank you very much. And I will hand back to Emil.
Thank you, Jonathan. So I think we have a couple of questions here. And the first question that I have is I already have an existing it management solution. Do I have to rip it out and replace it?
Yeah. So with saving, as I mentioned earlier, it's the way we go to market is in a modular fashion. So if a customer has a certain pain point and need, if it is, you know, application, access governance or application GRC, then we can, you know, work alongside that existing technology. And then just perform the governance across that particular platform. They may have a, a need to start providing governance across their AWS, you know, landscape or their Microsoft Azure landscape. So we can sell modularly to help organizations. We can run alongside those existing platforms. And then over a period of time, they could start migrating more and more services across inters, such as the cloud and on-premise applications. So it's, it's, it's not a rip and replace.
Great. Thank you, Jonathan. And I I'll just add to, to your answer here, it's also good approach for you to, to look into what existing gaps are for your current it management solution. And what do you think you would need to make your IG solution future proof for, for, let's say next upcoming five years or, or the market trends, which, which strategically your organizations are, is looking to adopt. So understanding that direction is very important for you to look into other products, solutions, which are modeling in approach, for example, what Jonathan talked about, and you could leverage those specific functionalities to address the gaps in your, in your over overall IG. Good. I think the other question is where is the ENT cloud deployed?
Yeah, so with saving the cloud within Amir, we have two options. So we have two cloud hosting partners. So one is AWS. So that is typically within the Dublin data center or the Frankfurt data center. So either S or, or ES, we also have the ability to deploy in Microsoft Azure as well. And so there's more capabilities around sort of UK and other and other regions, or there's some other deployment options. It's, it's quite flexible in that if the customer still has data sovereignty challenges, or they're not ready to move, I J to the cloud, then we can implement on-prem and then move to the cloud at a later date. So there is an important point to make is there's no difference in terms of the functionality, the capability of the product, if they go for an on-prem on private cloud or ons cloud deployment.
Thank you. And I have one more question for you here it ask. I have a number of home grown applications. How can save help to govern these?
Yes, that's a good question. So we talk about leveraging standard API standard connectors for integration with the, the application landscape in an organization. So a lot of applications we can typically integrate using those standards. So whether it's LDAP, whether it's JDBC, whether it's just a flat file exchange, but more and more prominent now is the ability to bring onboard either very legacy applications or even cloud based applications that don't have great APIs exposed for managing identities and permissions. So for those types of scenarios, we have integration with RPA tooling. So if the customer has, you know, historically done last mile provisioning through, you know, a ticket raised in, in, in ITSM and someone manually goes to the console and, and performs a task, then we can actually remove that last mile provisioning as a human task. And you can use RPA to deliver that last mile provisioning without any customization, any coding, any connected development. So again, very, very quick to deliver great time to value and the cost very low.
Perfect. Thanks. Thanks, Jonathan. And I think, yeah, that's, that's exactly. Even what I would, I would agree too, for most of home grown applications. It's, it's, it's, it's a good idea for you to estimate from the business or, you know, having a conversation with the business to understand how long the business wants to continue with such home good applications. And is there a plan for transition or replacement to, to, you know, commercial applications, because I'm sure there would be something that general business would think about in terms of maintaining such home grown applications on a longer basis, as well as, you know, maintaining other legacy applications. So understand how long you need to support those, those applications. And as I said, you know, maintain an outlook for, for future to, to see, you know, what kind of applications you will need and integration with IGA, how feasible and how important that is going to be. So, yeah, I think, I think with that, I would like to make a last call for any questions here. Okay. So we don't have any, any further questions here and with that, then I'd like to thank you all for joining us for this, for this webinar session. We hope we provide you some good information to take away. And I'd like to also thank Jonathan for valuable insights about abouts. Thank you all for joining goodbye.

Stay Connected

KuppingerCole on social media

Related Videos

Analyst Chat

Analyst Chat #156: CIEM Is Entering the Privileged Access Management Market

The PAM market is changing and expanding. Paul Fisher talks about the latest trends for Privileged Access Management, the role of CIEM, mergers and newcomers in this important market segment.

Interview

Unifying the Perspectives - Application Access Governance

The application landscape in organizations is getting more and more complex. Applications from vendors are more plentiful - or they differ very much from each other - and the combination of on-prem and cloud applications is no longer unusual. It's easy to lose track of all the different…

Webinar Recording

Effective IAM in the World of Modern Business IT

Digital Transformation promises lower costs, and increased speed and efficiency. But it also leads to a mix of on-prem and cloud-based IT infrastructure, and a proliferation of identities that need to be managed in a complex environment. Organizations adopting a Zero Trust approach to…

Analyst Chat

Analyst Chat #135: Can DREAM Help Me Manage My Multi-Hybrid Infrastructure?

The IT environments have become complex, and this will not stop as more technologies such as Edge Computing start to take hold. Paul Fisher looks at the full scope of entitlements across today's multi-hybrid environments. He explains how this new market segment between the cloud,…

Webinar Recording

Multi-Cloud Permissions Management

Most businesses are adopting cloud services from multiple providers to remain flexible, agile, efficient, and competitive, but many do not have enterprise-wide control over and visibility of tens of thousands of cloud access permissions, exposing the enterprise to risk of security breaches.

How can we help you

Send an inquiry

Call Us +49 211 2370770

Mo – Fr 8:00 – 17:00