Your employees use a ton of applications whether they are web based, cloud based, or on premise. Making sure your users have access to these applications is integral to business productivity. On the other side of things, making sure you have visibility and policy on which applications can be accessed is extremely important to compliance and the overall security posture of your organization.
An Identity Access Management (IAM) tool can save money, time, and boost security for your organization adding in things such as SSO and multi-factor authentication for applications that do not have it built in, automation for policy setting and password resets, as well as integration to Active Directories and applications.
How Does Identity Access Management save money and time?
There are couple ways IAM solutions can save your organization time and money and almost all of them relate to human labor. If you are a large organization, you understand the labor involved in password resets. You may have a couple employees whose sole responsibility is to reset passwords for other employees who forgot a log-in(s) to critical web based applications and or internal applications. With an IAM solution all applications can be accessed from one pane of glass requiring one password. Password resets can also be self-service to the end-user allowing them to reset a password without having to contact IT. This results in major cost savings and inherently saves time and effort from IT as well as eliminates productivity lost to the end-user who can solve their “forgotten password” problem on their own.
IAM solutions can also turn a burdensome and timely task of onboarding new employees as well as decommissioning exiting employees into a simple set of steps. With an IAM solution a new employee can be given all login credentials for company applications almost instantaneously also known as provisioning. Removing the need to create log-ins for each application saves time and gets an employee up to speed using the specific applications required for their job. The same goes when an employee is leaving the organization. While there is a major security piece here that I will touch on later, the labor hours needed to decommission an employee upon exit is turned into a click of button. All access to the applications and the data associated with that user will be removed in extremely simple steps also known as deprovisioning.
Look at how Okta is saving National Geographic hundreds of thousands of dollars annually. (Click on picture for full case study and video)
How does Identity Access Management boost security?
There are a couple ways IAM can boost security. The one obvious way security can be boosted is through Single Sign On. While Single Sign On makes the end-users life much easier it also allows for controls and policy to be placed on users. Certain applications can be allowed or blocked based on the needs of the business for that user. Also, having one secure password for Single Sign On, rather than multiple passwords stored somewhere (desktop, folders, software, etc.) increases the security for that individual user. You really become secure when pairing SSO with Multi-factor authentication. You can easily configure the system so that when a user is at headquarters MFA will not activate but whenever the user is away from the LAN, the user will be prompted to approve access to their IAM dashboard using a smartphone or text message. This added feature allows for enhanced security especially for remote users.
When we talk IAM, we talk Okta. For the third year in a row Okta has been the Gartner leader in Identity Access Management as a Service beating out Microsoft and Centrify. The simplicity of their solutions as well as the capability to connect with Active Directory and rapidly deploy the solution on a very large scale is why Okta has thousands of customers within their stable of “Out of the Box” integrations. Also, the ability to securely control access between internal users and external users ranging from customers, partners, distributors, etc. allows IT to efficiently identify and place policy on users no matter who they are.
If you are considering an IAM solutions to save money, time, or increase security and or are having difficulty with AD control, security, and management because of a growing workforce and external user group, give us a ring to discuss how we may be able to assist.
Call at 858-866-9702 or email at info@birdrockusa.com