Identity and Access Management

Trend 3 – Strengthened access governance brings greater transparency

The modernized needs of digital transformation require strengthened identity and access governance solutions to establish transparent access across onpremise, hybrid and cloud-hosted applications and infrastructure assets. This strengthened governance framework provides:

  • A single-pane view into who has access to what across on-premise and cloud infrastructures
  • The ability to dynamically monitor and remediate access risks across the landscape
  • Continuous compliance management aligned with regulatory requirements
  • A defined, contextual access control framework and segregation of duties enforcement

As organizations modernize their IT landscape, they need to establish visibility across tiers of structured and unstructured data, as well as on-premise and cloud infrastructure assets. Likewise, the advent of IoT/OT devices requires more modern processes for overseeing non-human identities that manage such devices. To do this, enterprises must converge intelligent application gateway (IAG) processes for IT and IoT/OT landscapes and establish a human-device relationship to enforce access authorization with appropriate visibility across such data sets.

The following principles must be established to cater to the needs of access governance for modernized enterprises:

  • Implementation of a holistic, risk-aligned access control framework that is role- or policy-based
  • Continuous user access review and risk remediation
  • Interoperable identity standards for data interchange across federated access systems
  • Processes for dynamic risk analysis and compliance with regulatory standards, leveraging user and entity behavior analytics capabilities within an enterprise

Such capabilities can be delivered through nextgeneration IAG-focused tools such as SailPoint Identity IQ, Saviynt SSM and Microsoft Azure AD.

Infosys has helped a major U.S.-based financial services company transform and strengthen their identity and access governance framework. We established a technology framework for the rapid onboarding of applications, setting up a privileged access management solution framework and providing holistic access governance across the enterprise landscape.

Identity and Access Management

Trend 4 – A zero-trust security model maintains identity as a core component

A zero-trust model establishes that the legacy approach that involves inherently trusting services, individuals or devices within the corporate network is flawed. Zero trust maintains that all users or devices, irrespective of their access location, be authenticated and authorized to access the requested applications or services.

Thus, the traditional, perimeter-bound security principle is modernizing to a foundational zero-trust security model, with identity at the core. The evolution of a zero-trust security model encompasses:

  • Identity as the central focus
  • Diminishing reliance on traditional edge firewalls with VPN
  • Frictionless and secure access to resources, with multiple authentication tiers (i.e., identity/device verification)
  • Assurance of security principles enforcement across all access tiers

When designing a zero-trust model, the principles mentioned above – with identity at the core – should be considered for securing access to enterprise applications and services, whether they are set up onpremises or in the cloud.

Some of the industry-leading tools which can help deploy a zero-trust identity model include offerings from Microsoft Azure AD, PingID, Okta and CyberArk, to name a few.

Infosys has helped a major U.S.-based nonalcoholic beverages company achieve cloud transformation by migrating their identity controls to the Azure cloud, remediating their access management solution to allow Azure AD single sign-on and multifactor identification, installing privileged access management through CyberArk and progressively improving their cybersecurity posture with the adoption of zero-trust security principles.

Subscribe

To keep yourself updated on the latest technology and industry trends subscribe to the Infosys Knowledge Institute’s publications

Infosys TechCompass