Author: Nilesh Dherange, CTO, Gurucul
At Gurucul, we see customers facing a host of challenges, some more profound than others. One stands out with an urgent prominence: IAM (identity and access management) solutions. IAMs have come to bear a heavy load of security responsibilities for organizations, with a need for comprehensive capabilities. But is that requirement really being addressed by IAMs?
In the past, IAMs have been the primary disciplines for managing access to enterprise resources. Included in this category, identity governance and administration (IGA) solutions have facilitated minimum compliance required by various regulatory bodies. Yet recent trends in the information technology industry reveal the growth in distributed siloed applications (on-premises, cloud and SaaS), and an increasingly dispersed workforce, which makes reliable, responsive and comprehensive security problematic for IAMs. In the past two years, all major breaches have been attributed to insider or employee activities. These threat activities can be malicious, negligent or accidental. This has led to IAM and IGA becoming an organization’s first line of defense, with identity as the new threat plane. So while they are on the front lines, do they really provide the best defense?
The problem is that IAM and IGA solution capabilities have not evolved to keep pace with emerging challenges. In one customer case, Gurucul found as much as 70% of privileged access existed outside the organization’s siloed vaults. The reality check is that these traditional legacy solutions still use static rules and a policy-based engine to manage identities, access and certifications in an ever-changing dynamic business environment. They’re simply unable to leverage invaluable identity and access data to deliver critical context-aware decision making. This is what’s needed to meet compliance requirements, improve operational efficiencies of timely provisioning and deprovisioning, and to provide an effective alignment with business expansion, while at the same time, improving the overall security posture by reducing the threat surface. To meet this challenge effectively, organizations must optimize their existing IAM and IGA systems (this also includes PAM [privileged access management] solutions) by taking a risk-based analytical approach, drawing context intelligence from silos across the entire organization. These legacy systems are incapable of performing this approach alone, as the threat plane continues to grow. The expanding awareness gap between what access rights have been granted by an IAM solution and the proliferation of unknown access entitlements has reached a critical mass of urgency. Something’s missing.
Last October, Gartner observed in one of its subscription reports the importance of identity analytics (IdA) as the solution set to address these challenges. With its risk-based approach, Gurucul’s IdA solution delivers unique value through its advanced risk scoring and aggregation mechanism. It uses proprietary data science and algorithms to create unique risk scores for each user in the organization, based on their accounts, entitlements and context derived from their identity attributes and behaviors in all silos. Using a big data platform, driven by mature machine learning models, it ingests both structured and unstructured data to aggregate context information and uses that for intelligent decision making. That’s the missing piece IAMs need to be successful in keeping pace with today’s rapidly expanding threat plane. Numerous business leaders, like the one who found 70% of his organization’s privileged access entitlements were unknown, have seen the value of IdA before facing an avoidable and costly insider breach.
To learn more about IdA, check out our product page: Identity Analytics