The Cloud Is Gathering For Identity And Access Management

Chris Grundy

Things are getting interesting in the identity and access management (IAM) market, thanks to the cloud. This vibrant market continues to grow, underpinned by well-known vendors providing robust on-premise solutions. But with organizations feeling an increasing draw to the cost economies, scalability, and the ease-of-use potential from cloud-based solutions, there is a surge in demand for cloud approaches to managing identity and access governance.

Cloud technologies and widespread use of apps for personal use have had a consequential impact on business-user expectations for software ease of use. The expectation now is for business applications to be intuitive and usable with minimal training. Users expect access to be seamless and without a significant process or time delay for assignment of the correct application permissions. Successful cloud applications need to enable larger numbers of users’ easy access to functionality without a significant administrative workload.

Of course, changing technologies and evolving user expectations have a direct impact on how software solutions are designed.

Design with the user in mind

Design needs to be clever and well thought-out, taking advantage of all benefits of cloud technology to not only meet the functional needs of the organizations and the business user, but also the massive expectancy for modern, easy-to-use, great-looking consumer-grade applications. For vendors, the pressure is on to deliver! Knowing what customers want, however, provides a real focus for attention. So when designing a new access analysis solution for the cloud, the user should be very much at the forefront of mind. The result is a cloud application that:

  • Looks great! There, I’ve said it…but really it should go without saying!
  • Contains functionality that enables a greater level of automation to ensure that users are granted the correct roles and permissions within cloud and on-premise applications, including support for the process of user and role analysis, user refinement, mitigating control assignment, and audit reporting – processes necessary for financial compliance in many countries
  • Allows users to extend the capabilities of access analysis in an easy consumption manner, at low total cost of ownership (TCO)
  • Enables an easier and more compliant access processes

Apply best practices based on experience

So there you have it: a great-looking, user-oriented, highly intuitive cloud-based application. But as we know, looks aren’t everything. There also needs to be substance and functional depth. Having got the interface right, the focus now turns to key user and business requirements. And there’s also the question of what improvements might be possible using a carefully selected cloud platform that could not be readily addressed before. The response is clear:

  • An improved yet simplified processes to address compliance needs as well as optimizing the user’s individual access to systems
  • A way to address access analysis and risks associated with access, like critical access requests and segregation of duties (SoD) violations in increasingly complex software system landscapes
  • More timely results of access analysis, allowing adherence to compliance policies, and avoiding the need to make decisions based on outdated results

But these business considerations need to be underpinned by some sound technology capabilities. In this case, those improvements are equally clear:

  • Moving from traditional periodic batches to event-driven analysis, leading to more timely access analysis results, no delay in responding to access violations, and a quicker response to mitigating access risks
  • Optimized assessment algorithms, improving the performance in calculation of access analysis results, and an ability to easily scale, supporting speedy and well-informed decision making
  • Normalized authorization model and localized analysis, through an improved approach of event/trigger-driven analysis
    • It’s possible to produce real-time access results, as soon as there’s an access change – or in other words, a system of continuous access analysis for an organization, which is a breakthrough in terms of real-time analysis.
  • Cloud based multi-tenant applications, allowing customers to easily add compliance to the applications in their landscape, aiding the auditing process
  • Plug and play and instant results with smart sequencing, designed to connect to various systems in a plug-and-play mechanism, allowing the extraction of information required for access analysis
    • But of course, accessing data isn’t always quick, so smart sequencing comes in, to sequence the analysis blocks smartly to bring instant results.

I started this article by saying that “things are getting interesting” in the IAM market. And I meant it. It’s interesting from a user perspective, as users can now experience consumer-grade applications in their business lives. It’s interesting from a business perspective, because the business can really now look to cloud to deliver functionally rich solutions that offer performance and scalability at relatively lower cost of ownership. And it’s also interesting from a vendor perspective, as they strive to deliver new and improved approaches for business solutions in the cloud.

Take a look at your own approach to identity and access management, and see what cloud access analysis could mean for you. From my side, my interest piqued, I’ll be keeping a watchful eye on the speedy evolution of the cloud IAM market.

To learn more about how finance executives can take a more strategic approach to governance, risk, and compliance (GRC), visit the SAP Enterprise Risk and Compliance Management page for additional research and valuable insights. More resource on cloud identity access governance is available here.


Chris Grundy

About Chris Grundy

Chris Grundy is the Director of Product Marketing at SAP. His specialties include lead generation, product management, business analytic and marketing management.