Today’s technology and business climate is rapidly transforming how and from where identities are accessing critical applications and the information they contain. The seemingly exponential growth and proliferation of identities is leading to ongoing access sprawl, over-provisioned access, and reviewer fatigue. In the rapidly evolving landscape of identity security and governance platforms though a few innovative technologies have emerged that will help corral and better govern this identity sprawl. This article focuses on analytics for identity access.
Harnessing intelligent analytics
Traditionally, identity platforms have employed clustering algorithms to define peer groups, using them to construct access analytics and recommendations. However, using statistical algorithms to derive access analytics has some notable shortcomings.
The first is that static parameters don’t fit today’s dynamic organizations. Organizations are constantly undergoing structural reorganizations, divestitures, and acquisitions, as well as experiencing new joiners, internal transfers, and departures. But clustering algorithms rely on static parameters and attributes to generate peer groups. This rigid approach results in generating peer groups that can quickly become outdated and generate stale recommendations with low confidence.
The second shortcoming is that traditional platforms depend on application and system owners manually selecting and fine-tuning attribute combinations, which can be a time-consuming trial-and-error process.
Current systems also do not integrate usage data into recommendation engines, preventing the system from learning and refining its recommendations over time.
3 steps to building intelligent access analytics
For CISOs seeking to elevate their organization’s security infrastructure, understanding and implementing intelligent access analytics is not just beneficial — it’s essential for staying ahead in a rapidly evolving digital landscape.
The first steps of this innovative approach include:
- Determining the most relevant peer groups based on users, access, and application types.
- Dynamic and intelligent recommendations based on multi-dimensional peer groups to reduce the reliance on humans.
- Context-driven algorithms making use of identity, access, usage, and internal/external risk signals to provide intelligent, high-confidence, dynamic recommendations. Ingesting usage allows the platform to learn, fine-tune, and improve its findings and model coverage, as well as the efficacy of the recommendations.
These steps translate into attractive benefits:
- Enhanced scalability through the processing of larger quantities of security data across diverse identity types that also drives greater efficiency. Prioritizing the detection of outlier access and risky entitlements also improves overall resource use.
- Strengthened security measures through reinforced security controls to proactively mitigate over-provisioning risks. Recommendations are generated through a comprehensive analysis of identity attributes, access permissions, user activity, and risk indicators.
- Reliable, intelligent automation with access approvals granted based on usage patterns; low-risk cases can be automatically granted with a high degree of confidence.
- Substantial cost reduction by automating the detection, restriction, and monitoring of outlier access minimizes human involvement and shrinks overhead.
Intelligent analytics leverage the potential that artificial intelligence and machine learning are bringing to the table when it comes to identity security.
