2018 planning (7 of 9): Manage identity & access

This is the next in our series of posts to spotlight Gartner’s planning guides for 2018. The topic du jour is identity and access management (IAM).

One of the hardest questions to answer is: “Who has access to what?” Permissions are a complex issue, and it’s all too easy for users to be able to see more than they’re supposed to.

This challenge is only going to get more difficult. These days, there are many new ways to manage users, new devices to consider, and even new types of business relationships to account for. Gartner says that the key challenges in this space are:

  • Understanding and accounting for dependencies between identity providers
  • Letting cloud-managed users access on-premises applications
  • Limiting data breaches, data destruction, and downtime
  • Keeping up with the blistering pace of digital solutions


Here are some steps you can take to meet these challenges:

Focus on business-critical applications

Whether you use on-premises or cloud authentication, you should make sure your identity services can handle access to all business-critical applications. These applications might be hosted in the cloud, on site, or both. You might also need to give access to more user groups than you ever have before. For example, there’s a growing need to give access to B2B users (like partners and vendors) and B2C users (like customers, patients, students, and even citizens of government).

Understand and reduce dependencies

As you adopt new IAM providers, you’ll need to make sure you understand and account for their dependencies. For example, if some third-party identity services go offline, your users can also find themselves locked out of Exchange Online, which means they’ll be locked out of their email and other critical applications, and your business can come to a standstill. So you need to thoroughly understand what happens if there’s downtime. What are the vendor’s uptime metrics over the past 12 months? Over the entire length of their service? If possible, design and test a process that removes all such dependencies.

Sync across cloud and on-premises

Your cloud-managed users likely still need access to on-premises applications, and vice versa. These users might also include groups beyond employees, like other businesses, vendors, customers, and more. This is an area in which we at Binary Tree can help. Our Active Directory Pro keeps your directories in sync across on-premises and Office 365. We can even help you sync directories with external partners.

Set up governance

You need strong processes in place to help limit data destruction, data breaches, and downtime. To that end, consider investing in an identity governance and administration tool. These types of tools can help you unsnarl your permissions and be more consistent in how you apply them going forward.

Invest in analytics

Analytics is truly starting to pop up everywhere, and identity management is no exception. By closely tracking how your authentication processes work, you can improve the user experience and overcome key challenges. Gartner suggests that you start small. Pick one of your high-value identity processes, like authentication, and explore solutions for how you could use advanced analytics to improve the flow.

How Binary Tree can help

Directory modernization is one of the key services we offer. My team and I can help you assess the health of your Active Directory environments. We can help you merge directories to reduce complexity. And we can even help you sync directories, both within your organization and without.

See more about how we help modernize directories.

Or get in touch to chat more about what you need.

