KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges.
Compare solution offerings and follow predefined best practices or adapt them to the individual requirements of your company.
Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals.
Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible.
Engineers across organizations struggle with increased anxiety and stress every time they hit the push button to make complex system changes. One mistake can hinder business as usual, introduce unnecessary risks, and cause non-compliance with policies that can cripple the whole organization.
Simulations could be the answer engineers are looking for. They are used in various fields to study complex systems and help engineers create hypothetical scenarios to see the impact of certain changes before implementing them.
In this presentation, the Evolveum Development Team Leader, Katarina Bolemant, will explain the motivation and common pain points of deploying an IGA solution. She will show you the endless possibilities of using simulations to evaluate the impact of changes and how to identify potential issues and reduce the risks of errors. Using simulations will lift the burden off engineers’ shoulders, increase confidence in their decisions, and build stronger relationships with other stakeholders.
Offer a peek into the future, and both technical personnel and decision makers will appreciate you for providing the possibility to review the simulated results and make necessary adjustments before implementing changes in the production environment.
Engineers across organizations struggle with increased anxiety and stress every time they hit the push button to make complex system changes. One mistake can hinder business as usual, introduce unnecessary risks, and cause non-compliance with policies that can cripple the whole organization.
Simulations could be the answer engineers are looking for. They are used in various fields to study complex systems and help engineers create hypothetical scenarios to see the impact of certain changes before implementing them.
In this presentation, the Evolveum Development Team Leader, Katarina Bolemant, will explain the motivation and common pain points of deploying an IGA solution. She will show you the endless possibilities of using simulations to evaluate the impact of changes and how to identify potential issues and reduce the risks of errors. Using simulations will lift the burden off engineers’ shoulders, increase confidence in their decisions, and build stronger relationships with other stakeholders.
Offer a peek into the future, and both technical personnel and decision makers will appreciate you for providing the possibility to review the simulated results and make necessary adjustments before implementing changes in the production environment.
Okay. Anybody willing, even more stress and frustration than you have to deal with these days? I bet no one in this room. I'm sure that all of us are trying to find ways to simplify our day-to-day tasks. We want to be happy, find work-life balance. We're playing with AI to do the work for us. We're using tools to do presentations for us to write essays for us. So my question is, why don't we also make our life easier when it comes to identity governance? My name is Karina Ballman. I work at Evolve as a development team leader. Before I got, let's say promoted.
I was a developer of an identity governance platform and I also did many deployments where I got in touch with customers and their needs. I have more than 10 years experience in identity and governance administrations. Today I want to show you what we decided to do to minimize stress and frustration while deploying identity governance solution. At one conference, I heard a man say something that stuck in my head.
He said, identity management is not a project. It is a journey. And most of the time it's about surviving the journey. I'm sure that if I ask you, many of you would agree, I did too. Right after I heard it, I started to laugh silently and remembered my own experiences. Identity management or governance journey can be really, really painful. Too many things can go wrong. It can be quite expensive as well. But despite all the drawbacks in the end, there are many more benefits to be gained. Identity governance can help you with compliance, automation, risk management.
It can help you improve your processes, clean up your data, and improve the overall security. But looking at the drawbacks, it's totally normal when customers are not willing to start or repeat the painful identity governance journey. I also met with the opinion that customers would rather reduce the amount of their requirements rather than upgrade or migrate to newer versions. On the other hand, if you are new to identity governance, you might not feel secure letting go of power you have, you want to have control of the processes and operations performed in your environment.
But what if I told you that from now on, you don't need to worry. The identity government journey will be simple and strength, straightforward. You'll see exactly what's going to happen and you will have the power to decide if you want it to happen. So let's look at some common problems in identity governance journey and then proposed solution. So very common problem in identity governance is knowing your processes and the data before the identity governance journey starts. You should be able to define processes, policies, rules, systems.
Once the integrator start the work, they should know answers to questions such as what kind of workflows exist, what naming conventions do we use for our logins? What are the policies for approvals? And maybe more importantly, they need to know answers to questions such as are there any exceptions to processes? Are the same rules applied for all users? Bad data quality and insufficient knowledge of processes might very easily end up with famous garbage in garbage out. It might make your journey even more painful and more expensive.
Just imagine the horror story where you, because of the incorrect rule, revoke accesses to applications for 60% of users. So we cannot use these applications anymore. No wonder that if you have ever heard about something like this and you have never ever had identity governance solution in place, you might be skeptical. You might ask yourself, what if something bad happens on my identity governance journey? You might think that now when you have everything under control, it's better for you. You know what will happen because you are one.
You are the one who decides, who decides who has access to what, for how long, with which permissions. I want to show you today what we decided to do to minimize the stress and these painful moments. So let's start with the motivation. We lived all those horror stories with our partners and on our own. We experienced those moments of desperation, fear, and stress, and we didn't like it. We wanted the journey full of fun and joyful moments.
Therefore, after many discussions, we came up with the idea of simulations. The idea was to see what will happen, to see which attributes will be changed, to see which permissions will be removed and added to users to see how many accounts will be deactivated, how many accounts won't be, how many users won't be able to log into systems anymore. And of course, if I see something I don't like, I want the possibility to make changes to avoid it. But simply said, the idea was to see the future of identities.
One of the motivations for implementing identity governance solution is synchronization of accesses among different systems. Usually you have some system or HR system, and if this system says that there is a new user who is an accountant, identity governance solutions should pick this up. Execute policies, rules and decide which accesses should exist. The same if this system says this user is no longer an employee, identity governance solutions should pick this up.
Again, execute rules and policies and decide which excesses has to be revoked. Therefore, it's very good to be sure that such a system has always correct data. But how can you be sure and how can you ensure it If the system, the system is not under your control, you should only read data from it, execute policies, rules, and synchronize them to other systems. If any mistakes are introduced in such system, it might very easily end in removing accesses for people who need them.
This might be scary, and this is where simulations come to the spotlight because before you run synchronization or reconciliation with such a system, you can simulate it. The result of the simulation will show you different detailed information about what's going to happen, which objects will be processed.
So if you, for example, see that during the synchronization, your CEO will lose three accesses to three business critical applications. You know that this should not happen.
So, but you run only simulation, so nothing bad had happened yet and you still have time to fix it. So how can you fix it?
Well, obviously you can report it to the stakeholder that there is something strange in their data so they can fix it. But sometimes we probably all know that it can take too much time and usually we don't have so much time to wait. So you can also tell your identity governance solution not to touch the CEO's identity during the synchronization and return back to it later when it's solved on the customer side. Another good example when simulation can be useful is generally synchronization or reconciliation of its systems.
For example, after you simulate such synchronization, you can see that five of the accounts will be deactivated. You didn't expect it and you want to know more about it. You run synchronization. So you have comprehensive result of what happened in the system. So you will, you will look into the account and you can see, okay, there are, there might be accounts for users who left organization, users who were temporarily suspended, spend it, or users who just forgot to request the renewal of their excesses. What can you do about it?
Well, again, one option you have is to report it to the customers so they can clean data and decide what to do next. But what you also can do is to look into the results in an active way to mark the account and users, which should not be processed, which should be skipped during the synchronization. You can also show the customers this information and they can maybe better decide what to do with these accounts.
Well, after they maybe analyze it, they, they can make decision that, okay, two of the users really let organization, so they need to be deactivated, but other accounts should not be deactivated and should not be even processed by the synchronization to not lose any access. So you can tell the identity governance solution to skip the activation for those accounts. And you can also say that I want to skip it because there are incorrect data. With another run, you can end up with the result that 20% of users will be renamed.
There will be other non-significant changes in attributes in 5%, and in 75% there won't be any changes. So, but if you look at something like this and you see 20% of users will be renamed, so they can't log into application anymore, it's probably strange to you and you would need to to know more about it. So after you look into the results and you see that the login names are are changed because, because of the rule you implemented based on the customer requirements, well, what you can do is to discuss it with the customer if the rule is still valid or there are some exceptions to the rule.
For some users, for example, these users might be first user in the company where this rule wasn't even, didn't even exist. So again, you can report it to the customer, they can fix the data, but you can also temporarily disable these users from synchronization. So any data will be cor corrupted. What you can do with simulation or what simulations help you with is they, they help you see and predict the future. If you see something that should not happen, they can help you avoid unnecessary risk of data corruption.
So if you see that I don't want this to happen, you have the possibility to change it and to avoid it. Maybe also with the the simulations, it can help you to see the quality of your data and processes and it can maybe also help you answer the question such as, are there any exceptions to these rules?
Yes, maybe you think about it like it'll take more time because before I ran synchronization or reconciliation, I need to synchronize it and analyze the result. But these are the situations where you should tell yourself better safe than sorry. Simulations can also help with building relationship between customers, integrators and identity governance platforms. It can help you to see what will happen if you are an integrator. You can sleep well during nights because you are in control of what will happen if you are a customer.
You have immediate feedback about your data, your policies, and your rules. These were just few examples of the situations where simulations might be useful. There are many more, maybe those situation just flushed through your head by now, but why it, why it is important and what matter is that simulation can help you to have a peak into the future with of, of your identities. It can help you to see what will happen. It can help you to avoid unnecessary damage of the data. If something unexpected is going to happen. It can help you to clean your processes, to clean your data.
And we believe that in the end with all of this, your identity governance journey will be more simple, more efficient. You will, it'll be more easier, and you will survive easily without stress and frustration. Thank you very much. Very good. Don't have any questions online, but I just want to just clarify one thing with you. Please. So Avol provides a simulation capability Yes. And Our product Midpoint Pro. Yeah.
Provides, so, So it'll go through your environment, do the governance, and come up with the issues that need to be addressed. Yes. Do does it generate a workflow to the system owners or do you have to integrate, go to the system owner and say, is this right or not? It's normally you have integrated systems like we have midpoint, it's identity governance and an administration platform. Yeah.
And you, if you integrate midpoint with our systems, you can, you can run the simulations. Okay. That now I want to synchronize or I want the reconciliation with these systems. So you will run the reconciliation and you have this report. You can see what will be changed. The report.
Yeah, yeah, yeah, yeah. But it's like, it's not report in pdf. PDF or CSV file, but it's inter, it's also possible to review it interactively. Yes. In the graphical user interface. And you have actions you can do directly in the report and also you can do simulations at any time of your journey. Thank Catarina for us. Please.
