Business operations are becoming more complex as the number and type of users increase, coupled with their ability to access a growing diversity of IT services. Companies must be able to identify who the users are, their role in the organization and what data they are authorized to access.
Identity and access management (IAM) ensures that individuals can only access data to which they are entitled. The growing importance of identity is also being driven by governance, risk and compliance (GRC) requirements to ensure that companies continue to operate within the boundaries of changing regulations. The links between IAM and GRC are being strengthened to automate controls and support risk and compliance processes.
IAM for Enterprises
Enterprises need to securely control access to resources, while meeting increasingly rigorous compliance requirements. The Edgile approach begins with helping you prioritize IAM capabilities around your key business drivers. By working together to define both current state and future state IAM business processes, we can more effectively align the program with your key stakeholders. Our efforts are organized in short project sprints that drive business value quickly, while managing risk to the complete IAM solution.
To ensure alignment with risk and compliance requirements, Edgile also helps you connect IAM efforts with GRC capabilities to automate controls and support processes. This includes the area of identity and access governance (IAG) and privileged access management.
IAM for External Users
IAM for users operating outside the enterprise presents additional challenges because it focuses on the consumer experience. These individuals are given access to services or systems you provide and include consumers in the retail, food or travel industry, patients in the healthcare industry or subscribers to an online or mobile service.
These users trust your business to secure their personal information and want full control over how much information is shared and with whom. For example, in healthcare, a patient who subscribes to a service that provides lab results will want the ability to choose which test results are shared with certain doctors or family members. Or a retail consumer may authorize the retailer to access his or her birthdate for loyalty program purposes, but may choose to opt out of third-party promotional emails.
Realizing Business Value with IAM
Edgile helps you focus on driving business value through our IAM services framework, which defines a holistic set of enterprise IAM service capabilities ranging from day-to-day management of user access to compliance reporting.
For external users, Edgile can help map out a strategy and roadmap using a similar approach to enterprise IAM, but with a different focus and technology partners. GRC continues to play a role in guiding towards compliance and risk management. Edgile is an active contributor in the Cloud Security Alliance’s Mobile Working Group and a voting member of the new specification called User Managed Access (UMA).