Identity Governance and Administration (IGA) solutions efficiently manage digital identities and access rights across diverse systems and are used by corporate information security, risk management, compliance teams and IT organizations. IGA solutions help businesses strengthen security, simplify operations, streamline onboarding, and improve compliance with government regulations, industry standards or corporate policies.
IGA capabilities are just one part of a unified Identity Security platform and work in tandem with Identity and Access Management (IAM) and Privileged Access Management (PAM) services.
Managing digital identities and access privileges is a significant challenge for many organizations. In today’s world, a diverse collection of users (including employees, contractors, temporary workers and vendors) have access to a wide array of applications and systems scattered across on-premises and cloud-based infrastructure. Yet many IT and security organizations rely on manual processes to onboard users and manage their evolving access rights throughout the user lifecycle — a resource-intensive, error-prone and time-consuming proposition.
It can take days or even weeks for new hires to gain access to the applications and services they need to perform their jobs. And threat actors can exploit over-permissioned or orphaned accounts to steal confidential data and orchestrate attacks. Data breaches and cybersecurity incidents can damage a company’s reputation, disrupt business and result in costly regulatory fines and legal settlements.
IGA solutions are designed to help businesses improve oversight, eliminate human latency and error, and mitigate risk by automating routine digital identity and access rights management functions.
IGA Features and Capabilities
Many Identity Governance and Administration (IGA) solutions provide a range of features and capabilities, including:
- Identity lifecycle management functionality to automate and simplify the processes associated with onboarding and offboarding users, assigning and managing access rights (entitlement management) and monitoring and tracking access activity
- Self-service capabilities allowing users to request access to specific systems, applications or services on an ad hoc basis, with little or no IT involvement
- Off-the-shelf workflows to intelligently route access requests to supervisors for approval, and automatically provision permissions
- Access certification functionality that can make it easier for administrators to periodically review and update access privileges across applications and systems
- Access discovery functionality to automatically identify all user accounts and entitlements across hybrid IT environments and SaaS solutions
- Built-in integrations with HR systems, directory stores and help desk applications to automate provisioning and streamline user onboarding, offboarding and role changes
- Built-in integrations and plug-ins for popular SaaS solutions to automate identity lifecycle management functions
- Analytics and reporting functionality to demonstrate compliance and simplify forensics investigations and audits
Improving Regulatory Compliance
IGA solutions help organizations comply with a variety of government and industry regulations and architectures including:
- Data privacy mandates (HIPAA, GDPR, CCPA, GLBA)
- Cybersecurity rules (SOX, SWIFT CSCF, EU Directive on Network and Information Systems, NERP CIP, FISMA)
- Cybersecurity frameworks (COBIT IT Governance Framework, NIST Cybersecurity Framework, NIST Framework for Improving Critical Infrastructure Cybersecurity, NIST SP 800-207 ZTA)
Some IGA solutions include detailed event logs, administrative reports and dashboards that IT, risk management and security professionals can use to monitor compliance and provide evidence of compliance to internal auditors or outside attestation firms.
Solution Packaging and Deployment Models
Security vendors offer IGA solutions in the form of traditional software solutions, as SaaS solutions and as managed service offerings. IGA solutions are offered in standalone fashion or fully integrated with Identity and Access Management and Privileged Access Management solutions as part of an end-to-end Identity Security platform.
Learn More About Identity Governance and Administration