IGA Hyperautomation – WHY BOT?!

April 4, 2022

  • Effectiveness of access controls continues to be critical to an organization’s security posture, which in turn relies significantly on the maturity of identity governance and administration (IGA) processes and platforms.
  • However, there are still considerable gaps that IGA solutions simply can’t close.
  • This post discusses how hyperautomation can be leveraged to extend IGA capabilities, close these gaps, and help organizations realize the true value of identity governance.

 


 

New Year, Same Challenges

For many across the world, 2022 started with a sliver of hope, and so far it’s been living up to expectations. For us in the world of cybersecurity, this year brought renewed challenges, but as always, there’s no dearth of excitement. These challenges are getting even more daunting with the geo-political shifts our world is going through. One of my New Year’s resolutions is to watch even more closely the threat vectors and vulnerabilities mushrooming at an exponential pace. As I review Optiv’s daily Threat Intelligence Report, I continue to see a trend that unfortunately isn’t new – ransomware continues to wreak havoc, social engineering attacks are on the rise, insider threat continues to be a major concern and, of course, threat actors are preying on organizational assets in the cloud. We’re also seeing the growing sophistication of these threats, but no matter how sophisticated they are, the delivery mechanism continues to be traditional. The delivery still relies on:

 

  • that one compromised user credential
  • that one misconfigured privilege
  • that one unaware individual who falls for a phishing attempt

 

Given that this vehicle for exploit delivery is more often than not a human or a machine identity, it is no secret that effective access controls continue to play a critical role in curtailing these attacks.

 

 

Strong Identity Governance Capabilities Are Still the Cornerstone

It’s a fact that enterprises across the world continue to invest heavily in building their identity and access management (IAM) and identity governance and administration (IGA) capabilities. What’s surprising, though, is the weak correlation between investments in IGA capabilities and maturity of identity-related controls across enterprises.

 

To analyze this correlation further, let’s take a closer look at a few patterns from the context of IGA:

 

  1. Identity governance solutions still do not address a critical mass of “edge” cases, significantly limiting the overall effectiveness of the solution.
  2. Complex organizations have convoluted IGA processes that an IGA solution simply cannot mimic. Moreover, redesigning those processes is a daunting challenge that doesn’t fall under organizational priorities.
  3. Even the simplest of IGA processes still rely significantly on manual processes for last-mile fulfilment (especially IT service management).
  4. Identity governance and visibility in the cloud continue to be a challenge, worsened by the lack of mature off-the-shelf solutions providing that visibility.

 

The list can go on, but the bottom line is: identity governance is a big puzzle, and an IGA solution is indeed a significant piece that completes it. However, we’re still missing tiny but key interlocking pieces, without which the puzzle will continue to have gaps. Unfortunately, these gaps are large enough to open the doors to an organization’s crown jewels.

 

Traditionally, enterprises plugged these gaps mainly through excessive customization and custom scripting outside their IGA and/or ITSM platforms. Indeed, some large organizations have leveraged RPAs and AIOps, which, unless managed firmly, end up creating additional silos and disconnects, defeating the very purpose of the solutions.

 

Completing the Puzzle with Hyperautomation Through Readibots

 


 

“Hyperautomation,” an approach for rapidly automating business and IT processes, continues to be an emerging trend in technology. Optiv has partnered with Readibots, a cloud-based automation platform that leverages Hyperautomation to solve the IGA gaps by enabling the interlocking pieces between organizational assets (on-prem and cloud), IGA solutions and ITSM platforms.

 

Readibots accomplishes this by following the product’s core principles:

 


 

Technology and Architecture Agnostic

 

  • Supports cloud, on-premise, hybrid and multi-cloud
  • READI Automation Language built to work with industry standard PowerShell

 

Automated and Intelligent

 

  • Automate existing processes without changing them
  • Rapidly build any business logic into your automations

 

Scalable and Repeatable

 

  • Built on Microsoft Azure for infinite scalability
  • Build one bot and use it for IT, service-desk & lights-out automation and user self-service
  • Reusable low-code READI Modules to manage IT & business systems and consume any data sources

 

 

A Brief Case Study

 

Context:
A Business Process Outsourcer (BPO) with ~100,000 employees (full time and contractors) had significant dependency on its workforce to be prepared to fulfill client commitments starting Day One.

 

Challenge:
A significantly higher contractor turnover rate meant considerable delays in onboarding and offboarding the resources, resulting in operational, security and compliance risks.

 

Root Cause:
Complex onboarding and offboarding workflows in the existing IGA solution (Oracle), with excessive dependency on IT Admins for ITSM (ServiceNow) ticket fulfilment.

 


 

Solution:
Rapid automation of the manual administrative processes associated with ITSM ticket fulfilment relieved admin overhead and drastically reduced response times, all without the need for process redesign or re-engineering.

 


 

 

 

Following the hyperautomation approach with Readibots, key IGA processes were automated within 45 days, reducing the fulfilment window from 72 hours to 3 minutes, with 1 admin instead of 12.

 

 

Agile Delivery of IGA Automation Through Rapid Application Development

The success of hyperautomation relies heavily on two attributes: speed and agility. As we continue to mature IGA automation at Optiv, these two attributes remain key to our methodology. We have been successful in blending our knowledge of automation through PowerShell, IGA and agile delivery to design an optimized approach that significantly accelerates the value realization process.

 


Optiv’s Hyperautomation Methodology

 

 

Conclusion

The effectiveness of access controls continues to be critical to an organization’s security posture, which in turn relies significantly on the maturity of IGA processes and platforms, an area that continues to see investments. Notwithstanding this correlation, we continue to see security vulnerabilities exploited due to weak access controls. Additionally, convoluted business processes result in edge cases that are simply not addressed by IGA solutions. These conditions create a void that requires extending the capabilities of IGA solutions by relying on manual workflows, resulting in further security, compliance, and operational risks.

 

Hyperautomation in IGA addresses these challenges by providing an integrated and centralized framework for building rapid automation of workflows and processes without the need for process redesign, siloed automation or workarounds.

Sagnik Mukherjee
Sagnik Mukherjee - Senior Practice Manager | Optiv
Sagnik has more than 15 years of experience developing organizational capabilities across technology, enterprise risk, cybersecurity and compliance functions. At Optiv, Sagnik helps organizations develop, execute and optimize program strategies to enhance capabilities across risk, identity and access management, and cloud security.
