The Navigate ’18 customer Identity Panel proved to be a fascinating mix of organizations at various stages of their identity management programs. The differences ranged from a health insurance provider that has a successful role-based access control implementation in place to others who are focused on enhancing and automating much of their identity management efforts.
The panel of customers were asked about their biggest challenges and concerns. “Identity management helps to provide a safety net for our access team,” said Tressa Springmann, SVP and CIO at nonprofit healthcare corporation LifeBridge Health, based in Baltimore. “The access team has a big job, and when problems occur they need to be backed by technology that supports them,” she said.
Rob McCurdy, CIO at Michigan State University cited the ability to help faculty at the University be as efficient as possible. “We need to make it easy for users to get the access to the resources they need. This is critical when you have researchers studying cancer or water quality. They should just be able to simply access the resources they need,” McCurdy said.
Michigan State University is a new SailPoint customer, and one of McCurdy’s concerns was trying to get too much done too quickly. “We want to be careful and not try to boil the ocean, but at the same time we are excited to get as much done as we can and add value,” he said.
Cloud and the accelerating speed of business
Organizations today are relying more and more on cloud services and today’s panelists were no different. But while enterprises have turned to the cloud for many types of applications, many have yet to make the move when it comes to certain security technologies, such as identity management. But that’s changing. “I’ve worked with on-premises identity management systems, and they are powerful, but they come with liabilities,” said Jim Kastle, chief information security officer at Conagra Brands. “You have to manage the server, the software, and worry about the patching and security and other things,” Kastle said.
Kastle said when they moved to a cloud-based identity management system they were able to deploy in three months.
Humana’s director of access management, Andy Weeks, spoke about how cloud helps the health insurer keep up with the accelerating pace of their business. “We look to cloud to speed velocity. It’s very important for users to be able to keep up,” he said. In addition to turning to cloud-based identity tools, Weeks said they are always looking for ways to accelerate the pace of their identity management team.
That includes managing new system changes, looking for ways to extend their existing role-based access control program, and identity analytics. “We need data analytics to be able to intelligently make better decisions,” Weeks said.
Paul de Graaff, who leads security and compliance at Weight Watchers told how Weight Watchers has been cloud first for a few years now, and that’s why they turned to a cloud-based identity management service. Today, Weight Watchers is evaluating how AI and identity analytics can help expedite user onboarding and management. “AI can also help with the access re-certification process and help us get better identity insights about our environment,” he said. They are now also now working toward the implementation of role-based access control.
Identity helps clear the clutter and drive innovation
Identity management has helped Conagra streamline their helpdesk. Kastle said by enabling self-service password resets they were about to clear away 40 percent of their helpdesk calls, which were all password related. “That’s an easy return on investment,” he said. Another area where they were able to streamline was with identity re-certifications. That process had been manual previously and today it’s automated.
LifeBridge Health’s Springmann said that they are also focused on optimizing their access processes.
“It’s a great time to be establishing and managing access as we are seeing a lot of work around machine learning and artificial intelligence tools,” she said. “We hope to do more work around location-aware [authentication] methods, among others so that clinicians and others can access based on their need to know.”
Humana’s Weeks said he’d like to get Humana to a point where they have zero-request access in place. “At least for a significant amount of customers to get to the point of zero-request access. I think it’s possible with the help of artificial intelligence, and while we may not be able to do that for everything, we will be able to get close and embrace more automation,” he said.