The Identity Panel at our Navigate events is always a fantastic meeting of the minds on all the things keeping identity professionals up at night. The insights shared from our panel in Barcelona provided an in-depth look into how companies are embracing the post-GDPR world. We explored the new frontiers in identity – which span users, applications and data – with them. These are the insights they shared.
Identity is a Business Enabler
The sooner businesses realize this, the better. One of our customers highlighted from the very start of the panel: “Identity is often seen as just another tool, but the people in business operations see it as an opportunity to put business processes in place and simplify the burdens of things like regulatory compliance.”
Governing Humans and Non-Humans
The word “identity” has taken on an entirely new meaning in our world. At the start of the conference, our Chief Product Officer Paul Trulove asked our Navigate audience who among them are using non-human users, and about 20% of hands went up. While we are in a moment of transition to bots becoming much more common in enterprises, those working in identity find themselves with a whole new type of identities to govern and manage.
For those in highly regulated environments, RPA has created unique challenges for businesses in addition to the IT challenges, but the overall approach to governing the bots is relatively simple: manage them like you do your other identities. From an identity governance point of view, bots take action on data, manage processes and so on, just like an employee would. They must be managed carefully and given restrictions.
Keeping up with the Applications
How fast can your organization onboard applications? Several members of our panel are dealing with thousands of apps deployed globally or in specific regions. For global enterprises today, this is becoming more common, particularly when paired with thousands of users and data that is growing exponentially.
The sheer volume of business needs today means that there are many needs among individual teams, and, Shadow IT continues to plague enterprises. That’s where identity often comes into play for our customers, including those on the panel. Identity is enabling them to rapidly onboard new applications and to provide convenient access while keeping unapproved applications out of the enterprise. This keeps business users happy and running quickly to do their jobs while freeing up identity teams to tackle bigger picture issues, as our panelists happily confirmed.
Unstructured data – e.g., data stored in file sharing applications like SharePoint, Google Drive and Box – is a big challenge, particularly as regulations tied to how companies must protect sensitive data stored in files keep evolving. However, a word of caution was shared that just playing the compliance game is not a winning game, particularly if it’s at the expense of security. Facing compliance is a great opportunity to work closely with other departments to better understand who your users are and how to govern them properly – and that now needs to extend to governing access to sensitive data stored in files.
When businesses find themselves enabled to do more than simply meet security and compliance needs, and move onward to the things that propel the business forward, that’s an incredibly powerful outcome. By the time the customer panel wrapped up at Navigate Barcelona, our customers had demonstrated very clearly the power of identity at work which is what we strive for with every single one of our customers as they embark on their identity journey with SailPoint.