Orchestrating Identity Governance

In 1946, an eager young business consultant was hired by General Motors to make a detailed study of its operation. From his subsequent analysis emerged many creative new ideas such as employee ownership and decentralized management. The young consultant – who you would recognize now as Peter Drucker – parlayed this engagement with the automotive giant into an iconic career as a business visionary helping organizations better organize.

Today, Drucker’s concept of helping organizations improve how they organize has become a tenet of enterprise security governance. That is, where casual observers might connect the cyber ecosystem to hackers, security start-ups, and cool technology – most practitioners know that risk is best managed by reducing complexity in an organization. How a businessadministers it systems, experts now understand, is an accurate predictor of cyber risk.

I was thinking of organizations, consultants, and risk governance during a recent discussion with Jay O’Donnell, Founder and CEO of N8 Identity. Jay began his business in 2000 as a consultant, helping enterprise teams optimize their identity and access management (IAM) investment. After years observing the challenges his clients were having with identity governance, Jay decided it was time to build a new platform to make their lives better.

“After many years working huge IAM projects with prominent banks, government agencies, and telecommunications firms in Canada,” O’Donnell explained, “my team began to clearly recognize the importance of properly serving the various IAM stakeholders such as Human Resources, Compliance, Audit, Business Units, and obviously – the IT custodians. This experience served as basis for the identity governance platform we call TheAccessHub.”

Implemented as a cloud-based, identity-as-a-service (IDaaS) offering, TheAccessHub supports identity governance through out-of-the-box integration with existing IAM-related systems. The design goal was to build a platform that could improve security posture by simplifying IAM functions for employees, contractors, vendors, suppliers, and other third parties who require access to the applications and workloads in an enterprise.

TheAccessHub Enterprise is the company’s flagship solution for identity governance. It provides for management of identities, support for compliance, and integration with IAM analytics. It includes connectors to Active Directory, Office 365, and other enterprise tools. It also integrates with Salesforce, ServiceNow, and other cloud-based applications. “These connections are vital to any next-generation identity governance approach,” explained O’Donnell.

Functions supported by TheAccessHub include access request management and provisioning, identity analytics and reporting, access certification and governance, and identity implementation and operations. All of these functions are designed to ensure compliance with security paradigms such as segregation of duty and least privilege. The company also offers a subscription-based plugin for ZenDesk.

I asked O’Donnell how he intends to compete with existing identity governance vendors, especially since the old legacy analysts like Gartner focus mostly on mature vendors with longer track records. “We have a unique insight into what enterprise teams are looking for in their identity governance,” O’Donnell explained. “We believe customers will recognize the high return on investment we offer based on experience and understanding.”

I also asked O’Donnell how his identity governance solution deals with emerging hybrid cloud infrastructure, with most companies now transitioning from a traditional perimeter. His response was quick: “Our platform was designed specifically to include this important use-case,” he said. “And our Microsoft Azure hosting provides us with an excellent cloud-based vantage point to support hybrid architectures.”

As an analyst, it’s important to remain impartial about technology vendors, but it’s hard not to root for O’Donnell and the N8 Identity team. With their roots in nearly two decades of supporting IAM projects across Canada, one cannot help but admire their passion for IAM, and their deep insight into the enterprise identity governance equation. Any enterprise team working with N8 Identity will benefit from this experience and insight.

If you support IAM functions in your enterprise – and it’s hard to find any organization of any size, scale, or scope that doesn’t, then I suggest you give the N8 Identity team a call today to hear their pitch. Ask to see a demo of their reporting screens and identity analytics, and I suspect you will be pleased with what you see. And as usual – please share with us what you’ve learned.