KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges.
Optimize your decision-making process with the most comprehensive and up-to-date market data available.
Compare solution offerings and follow predefined best practices or adapt them to the individual requirements of your company.
Configure your individual requirements to discover the ideal solution for your business.
Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals.
Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible.
IGA or identity governance and administration. The overview does this. So to speak the traditional core component of identity and access management, even while I should say that more and more focuses on the access management piece. So enabling access, doing the authentications, et cetera, but IGA is important. It is a core element and it will remain core element of IM infrastructures. So what is it about it's an integrated solution, which usually is of which supports two areas, which is identity, lifecycle management, or identity provisioning and access governance. So these are two elements.
And when we would go back into history of identity access management, we would see that there's capabilities commonly separate. So we had identity life cycle management, identity provisioning way earlier than access governance. Access governance started then with separate solutions over time. Most vendors switched to an integrated approach, which is today called IGA. So it's one IGA system covering both areas. They share these capabilities, shares a common set of capabilities, such as a consistent UI, integrated auditing and reporting and workflows.
And also they share usually the connectors, even while I have a dotted line here, which says there might be also a separate type of access for the current entitlements from various systems specifically when you don't have a connector for the life cycle and provisioning, they are built to support both the key I management process, such as try and someone joining your organization, mover someone, changing his job and lever someone leaving your organization, as well as the approvals for access request and the access reviews to enforcing a least privilege principle. And that set the core element.
So what are the main capabilities of I T in a very high level perspective, It is connectors to boost source systems such as HR for importing data or to data integration platforms. It is about connectors to target systems, such as SAS systems, such as SAP, such as active directory, Microsoft Azure, active directory, and many others. So they connect sources and the targets support, automated provisioning, flows, support workflows for the access request and approval and for supporting the access review. So they have a structured access review campaign. They support of flexible entitlement model.
I should do that for instance, roles and other concepts, two tier role models, three tier role models, grouping as flexible as can, they should be. And they support access review capabilities, which is one of, of the main capabilities of access governance to ensure that users don't have more access than they should have.
Last, not least more and more of the systems also come with some form of access intelligence, further analyzes of the access risks of iden of identifying higher risk entitlements.