researchHQ’s Key Takeawys:
- Identity governance and administration (IGA) emerged in the wake of increasing regulatory requirements, and were recognised by Gartner in 2012.
- IGA solutions help organisations manage the lifecycles of user identities and more broadly enhance how identities are managed.
- IGA goes beyond traditional identity and access management (IAM), helping organisations to administer identities, meet compliance requirements and audit processes.
- The abilities of IGA are cross-domain, allowing the flexible management of both on-premise and cloud applications.
- Regardless of size, IGA can help organisations fill gaps between incorrect access and security concerns.
Identity governance and administration (IGA) is a policy-based approach to identity management and access control. As the name implies, IGA systems merge identity governance and identity administration to provide additional functionality beyond traditional identity and access management (IAM) tools. Particularly, they offer valuable support in auditing and meeting compliance requirements.
IGA systems can also help automate workflows for provisioning and deprovisioning users. This is especially important given the growing need for users to log on from any place and device, which makes identity and access management difficult to manage.
Before we explore how IGA can support you and whether it makes sense for your organization, let’s define its components:
Identity governance: Processes and policies that cover the segregation of duties, role management, logging, access reviews, analytics, and reporting.
Identity administration: Account and credential administration, user and device provisioning and deprovisioning, and entitlement management.
While an IGA solution will make a lot of sense for most organizations, implementing it can be difficult and time-intensive. As such, it’s important to fully understand what identity governance and administration is before getting started. So, let’s get started.
The history and evolution of identity governance and administration
The need for identity governance and administration solutions emerged alongside stringent data regulations such as the Sarbanes-Oxley Act (SOX) and the Health Insurance Portability and Accountability Act (HIPAA), which required improved transparency and data management. Supporting organizations in these efforts, IGA systems were designed to give organizations better visibility into identity and access privileges and provide better controls with which to detect and prevent inappropriate access to their resources.
The importance of IGA security was recognized when, in 2012, Gartner named it the fastest-growing sector of the identity management market. Then, in 2013, the analyst house launched its first Magic Quadrant for Identity Governance and Administration, which merged its two existing Identity Governance and Identity Administration categories, further solidifying it as an area of priority for organizations.