How a Culture of Identity Governance Drives Success in Digital Transformation

How a Culture of Identity Governance Drives Success in Digital Transformation

Digital Transformation (DX) should be an important area of strategic focus for companies that want to grow and thrive in a changing world. It’s not easy, though. DX takes a focused blend of people, process and technology. It also requires an organization’s governance process to adapt and become more rigorous, especially around identity management.

What is DX, really?
Any thinking about the role of governance in DX success must start with a proper definition of DX. The essence of DX, which cuts across all permutations of the idea, involves using technology to transform the relationship between a business and its customers. A company that undergoes digital transformation is a business that has leveraged technology to engage more deeply with its customers, build more sustainable relationships with them, and earn a larger share of the customer’s wallet in the process. These outcomes can emerge from a wide variety of technology strategies. What they have in common, though, is a parallel transformation in the way systems interact with one another. For example, DX might mean coupling Internet of Things (IoT) devices with in-store kiosks and mobile app technology to achieve an omnichannel customer experience. Success will require some pretty sophisticated application integration. This is where identity comes into the picture.

What does DX have to do with identity?
An organization has to do multiple things right to achieve a successful DX outcome. Good planning and strategy are essential, as is technical excellence. Getting systems to connect and inter-operate requires skill. The topology of the DX project might span public and private cloud infrastructure, on-premises data centers, Software-as-a-Service (SaaS) solutions, and more. A further complication may arise from connecting systems belonging to multiple business entities. Then, there are the users themselves, who may work for different companies, or no company (e.g., contractors). They may be working from home, or at remote sites.

In an environment like this, it is imperative that the organization know who its users are—and can authenticate them across any possible point of access. This is partly a matter of security and compliance, but the requirement also has a lot to do with how all the elements of the DX project are going to function. If end users and administrative users have trouble getting the credentials they need quickly enough, the entire effort may bog down. Identity cannot be ungoverned in such an environment.

Identity Governance and Administration (IGA) and DX
A DX initiative needs a parallel practice of Identity Governance and Administration (IGA). Though it varies from company to company, IGA is a collection of policies and processes that makes it possible to manager users’ identities and assign access privileges in alignment with business strategy, security policies and compliance requirements. It represents a better organized version of the simple access lists and loose identity management rules that have long prevailed in so many organizations.

The need for a culture of identity governance
IGA doesn’t just happen, even in companies that own dedicated IGA solutions. It takes a culture of identity governance for IGA to succeed. What does this look like? Identity governance culture means that the people in an organization, at every level, understand why identity management is important. They get that poor access controls can lead to data breaches and other negative security incidents. They appreciate that the complex system integrations and technological layers of DX need clear identity controls in order to work.

A company with an identity governance culture will embed strong identity management into everyday work streams. People will want to follow processes instead of feeling pressured to—and circumventing them. For example, a bad habit such as password sharing, which might have been tolerated previously, will no longer occur because employees and other stakeholders recognize that it’s a high-risk behavior.

Making an identity governance culture a reality, for today and tomorrow
Building an identity governance culture takes training as well as endorsements from executives who can set an example for everyone else. Tooling is also a necessary foundation for identity governance culture. It’s difficult to change culture without solutions that make it easier for people to follow the rules. For example, an advanced IGA solution can automate tasks like provisioning access to systems. It can handle identity across the entire employee or contractor lifecycle. This way, new users can quickly get to work on their part of the DX project, versus waiting for days or weeks as might have been the case previously. Integrating the IGA solution with IT Service Management (ITSM) systems can smooth this process along. The future of DX is unknown, but signs point to a fast-approaching era where the identity governance culture will need to adapt to an era of convergence among major enterprise systems used in DX. Today’s best-of-breed and point solutions will likely fade away. Traditional IAM vendors, too, are heading into competition from enterprise platforms such as Salesforce and ServiceNow. A strong culture can evolve, however. As circumstances change—and they will—the culture can keep up, ensuring that identity governance remains an essential element of DX.

DX can happen without a strong commitment to building an identity governance culture, but it probably won’t go well. Identity governance is an elemental success factor in DX. The degree of application and data integration required for DX, along with its tendency to connect multiple business entities, make rigorous identity management an imperative. In addition, DX initiatives are not static. In fact, their ability to adapt to changes in the marketplace are one of their main appeals to business strategies. This reality puts further pressure on identity governance to keep up, ensuring that only authorized people can access the underlying systems and data sources. A culture of identity governance will keep identity as reliable part of DX as it inevitably evolves over time.

Featured

Featured Cybersecurity

Webinars

New Products

  • Luma x20

    Luma x20

    Snap One has announced its popular Luma x20 family of surveillance products now offers even greater security and privacy for home and business owners across the globe by giving them full control over integrators’ system access to view live and recorded video. According to Snap One Product Manager Derek Webb, the new “customer handoff” feature provides enhanced user control after initial installation, allowing the owners to have total privacy while also making it easy to reinstate integrator access when maintenance or assistance is required. This new feature is now available to all Luma x20 users globally. “The Luma x20 family of surveillance solutions provides excellent image and audio capture, and with the new customer handoff feature, it now offers absolute privacy for camera feeds and recordings,” Webb said. “With notifications and integrator access controlled through the powerful OvrC remote system management platform, it’s easy for integrators to give their clients full control of their footage and then to get temporary access from the client for any troubleshooting needs.” 3

  • Camden CM-221 Series Switches

    Camden CM-221 Series Switches

    Camden Door Controls is pleased to announce that, in response to soaring customer demand, it has expanded its range of ValueWave™ no-touch switches to include a narrow (slimline) version with manual override. This override button is designed to provide additional assurance that the request to exit switch will open a door, even if the no-touch sensor fails to operate. This new slimline switch also features a heavy gauge stainless steel faceplate, a red/green illuminated light ring, and is IP65 rated, making it ideal for indoor or outdoor use as part of an automatic door or access control system. ValueWave™ no-touch switches are designed for easy installation and trouble-free service in high traffic applications. In addition to this narrow version, the CM-221 & CM-222 Series switches are available in a range of other models with single and double gang heavy-gauge stainless steel faceplates and include illuminated light rings. 3

  • Mobile Safe Shield

    Mobile Safe Shield

    SafeWood Designs, Inc., a manufacturer of patented bullet resistant products, is excited to announce the launch of the Mobile Safe Shield. The Mobile Safe Shield is a moveable bullet resistant shield that provides protection in the event of an assailant and supplies cover in the event of an active shooter. With a heavy-duty steel frame, quality castor wheels, and bullet resistant core, the Mobile Safe Shield is a perfect addition to any guard station, security desks, courthouses, police stations, schools, office spaces and more. The Mobile Safe Shield is incredibly customizable. Bullet resistant materials are available in UL 752 Levels 1 through 8 and include glass, white board, tack board, veneer, and plastic laminate. Flexibility in bullet resistant materials allows for the Mobile Safe Shield to blend more with current interior décor for a seamless design aesthetic. Optional custom paint colors are also available for the steel frame. 3