Top Five Challenges of Building an Identity Governance Strategy

By Mona Lavare posted May 15, 2021 03:10 AM


Identity governance is an area of frustration for most companies. Organizations achieve a wide range of systems to meet ever-changing business requirements, with little thought about how each system operates together. In the matter of convenience and efficiency, IT teams often concentrate on one-off integrations and workarounds.

This has clear indications on governance and agreement efforts. It’s nearly difficult to see at a glance who has access to what, whether those dues should be revoked, and the extent to which access poses risks to users and the company as a whole. 

There are five principal challenges that organizations must confront as they develop governance tactics in an era of digital change.

Challenge #1: Cost and Complexity

Identity governance solutions have been essentially big, complex, on-premises applications that take an army of specific people to deploy and manage, making it very hard to show value from IGA programs clearly. According to Gartner’s 2020 Security & IAM Solution Adoption Trends Survey, 76% of companies are looking to follow their IGA solutions. This shows that turnover in the IGA market is on the horizon, and companies are looking for less costly and less complex answers. 

Challenge #2: The Existence of Silos

Most companies use dozens of business purposes. Not all assets require the same level of protection, and certain end-users need escalated responses. Managing these features in a typical Help Desk situation is nearly useless when business solutions – including the IGA tool – are separated. Without clarity to identity and access data across essential tools, governance teams don’t get the real-time insight to manage identity, certification and privilege completely. 

Challenge #3: Too Many Standard Processes

As enterprise systems evolve in both sophistication and specialization, they produce increasingly valuable data sets that can help make intelligent business choices or meet compliance reporting mandates. But because systems are rarely combined, structures aren’t in place for retrieving information and using it productively.

This has various troubling effects. Many data pulls are done manually. In conclusion, analysis and recording take more time than important and are prone to human mistakes. In addition, auditing becomes hard, accountability suffers, and management has little insight into who’s managing the governance process. Standard processes and poorly integrated business operations increasingly threaten a company’s ability to answer.

Challenge #4: Poorly Administered Provisioning and De-provisioning

Automation has made provisioning easier – but that doesn’t certainly make it better. If existing users have too many opportunities and access for new users is based on existing users, new users will also have too many options. This leads to situations where administrators are asked to approve the permit with no concept of the overriding governance controls that should be in place, leaving the average user with much more access than required.

De-provisioning offers its own set of challenges. Without up-to-date details about a personal account, it’s easier for administrators to leave accounts active even if an employee has left or if a contract with an external data governance consultant has ended. This unlocks the door to fraudulent use of accounts with excess opportunity since accessing a non-privileged account is the key entry for any hacker to access highly privileged accounts.

Challenge #5: No Culture of Compliance

All of these difficulties taken together mean that identity governance and compliance become an afterthought for far too many companies. These key areas should be embedded into everyday best methods and overall culture, with support from executive leadership down to management and end-users.

A big goal for this disconnect is because companies treat governance as an IT issue, not an organizational one. If governance is observed as a siloed IT resolution, then organizations will struggle to prioritize this initiative and measure its ROI.

Catching These Challenges with ITSM and Native IGA

Tackling these difficulties may seem impossible, but there are proven approaches producing real-world advantages. One promising approach includes putting the identity governance workload on an actual IT Service Management (ITSM) platform, such as ServiceNow. 

Combining an identity governance and administration (IGA) solution with the necessary ITSM platform offers several distinct benefits for addressing today’s governance difficulties. Running an IGA solution developed natively for an ITSM platform provides to maximizing the investment in that platform, costing less than producing an IGA solution siloed as its own stack. No new skillsets are needed, either. Companies thus avoid costly recruit/train/retain conflicts that can arise.

Finally, the integration of IGA with ITSM is highly favorable because it places IGA functions in the hands of users, with instruments they already know. When governance becomes a seamless method for end users, and not a complex and laborious drain on productivity, the entire company reaps the advantages.