With the growing volume of access rights to administer across thousands of employees and applications, many large organizations are struggling to manage and secure the fluid nature of user privileges. In response, Accenture (NYSE: ACN) has introduced a next-generation digital identity and access management (IAM) capability to help organizations reduce the risk and costs associated with the over-provisioning of accounts tied to a user's identity.
Aggregating data from multiple systems and sources, the patent-pending IAM capability simplifies the complexity of managing and monitoring who has access to what. It improves and increases the accuracy and speed of near real-time updates to user privileges using artificial intelligence and machine learning to contextualize identity decisions and continuously keep up with ever-shifting changes to user access rights. This will help organizations to proactively identify higher-risk areas that may require more governance, reducing the need for error-prone manual provisioning methods of today’s IAM systems.
“When it comes to managing user privileges, the provisioning of access should be based on precise knowledge of who a person is and why they need it,” said Kelly Bissell, a senior managing director at Accenture who leads its global Security practice. “The challenge is that existing approaches to access management are built on guesswork instead of a complete level of information. With our IAM capability we’ve created a proactive approach to identity management that help reduce human error and cost and helps improve risk awareness and make outliers easier to identify.”
To help determine efficient and secure access, the IAM capability generates a confidence score for each user, continually monitoring access data to ensure that the scores are frequently updated. Low confidence scores indicate potentially risky access, and high confidence scores can be considered for automated approvals, freeing those who conduct manual approvals to focus on unusual patterns and risky outliers. It can also predict and recommend access needs for new joiners in a company, saving time, money and effort in the onboarding process.
In an environment where the average cost to companies from “malicious insider”-related cyberattacks jumped 15 percent in 2018 to US$1.6 million per organization, it has never been more critical to ensure that the right people have access to the right resources at the right time.
“Security breaches that hit the headlines are often due to errors and oversights with access rights,” said Rex Thexton, a managing director at Accenture who leads its Digital Identity practice. “Our new IAM capability gives full visibility and smarter management of access rights throughout the entire enterprise landscape. With just one click it streamlines, simplifies and accelerates permission decisions through an easy-to-use interface. Until now, nothing this advanced has been available in the market that can provide the next level of transparency needed to deliver better management of permission requests.”
“We see enormous potential to transform our current identity access model from a static interface to a dynamic, intelligent and scalable resource that can increase efficiency and reduce costs,” said Kurt Lieber, chief information security officer of Aetna. “This type of transformation gives us the ability to make better decisions faster, so the right people get access to the right business resources at the right time.”