Requires Membership to View
To gain access to this and all member only content, please provide the following information:
By submitting your registration information to searchSecurity.in you agree to receive email communications from the TechTarget network of sites, and/or third party content providers that have relationships with TechTarget, based on your topic interests and activity, including updates on new content, event notifications, new site launches and market research surveys. Please verify all information and selections above. You may unsubscribe at any time from one or more of the services you have selected by editing your profile, unsubscribing via email or by contacting us here
- Your use of searchSecurity.in is governed by our Terms of Use
- We designed our Privacy Policy to provide you with important disclosures about how we collect and use your registration and other information. We encourage you to read the Privacy Policy, and to use it to help make informed decisions.
- If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States.
According to IT research firm Gartner, Inc.’s estimate, almost half to two-thirds of businesses approach identity and access management in the wrong way, since initial considerations include only production requirements. In his recent paper “A Process View of Identity and Access Management Is Essential”, Earl Perkins, the research vice president at Gartner observes that the traditional “build” of formal identity and access management (IAM) systems suffer due to wrong direction and participation of the wrong people.
Although Gartner points to improvement in certain experiences along with evolution of technologies, it observes that major efforts to formally build an identity and access management system for an organization overlook a key lesson—planning does not include everyone who should be involved. Due to the introduction of risk, compliance, accountability and transparency, identity and access management has seen changes. Gartner observes that the basis for good identity and access management involves active roles from the entire organization—not just IT. This approach ensures the required extent, accountability and transparency of access.
A merit of this approach as Perkins observes, is that identity and access management products occupy a relatively minor focus of the decision process in the entire program. Viewing identity and access management as a process also helps identify key queries during product selection (for example, how do products fulfill certain process steps). Viewing identity and access management as a process helps an enterprise articulate its requirements and target them through prioritization of need. It helps map the identity and access management process on top of known business processes to determine the convergence or touchpoints for control and intelligence purposes. Process steps that are best performed manually or are people-intensive can be identified, as can different identity and access management process flows for different organizations, applications or system environments.
The operational process view can also enable businesses to define organizational roles for managing IAM, as well as develop identity and access governance model that incorporates such operations. By linking operational identity and access management process to the policy model of the organization, this part of IAM governance can be established as a lifecycle, rather than as an ad hoc set of activities applied in a reactionary way to access and identity problems. Identity and access management as a process can be effective in converging business and enterprise processes with IT processes and accelerating IAM program maturity for the long term.