A common observation from our new NetIQ Access Manager customers is that they implemented it because of access fatigue, resulting from all the complexity of delivering a diverse set of services while keeping them secure. It’s often complex because the who, where and what of access continue to go through dramatic changes while IT’s mindset has not. In the past, everything IT dealt with was under their control — a data center with users on issued devices accessing a closed set of services.
Among the primary drivers of the paradigm shift were cloud based hosting and as-a-service consumption models. Then came BYOD which added multiple touch points into the infrastructure and environment, including some that IT never even knew about. Even today, IT continues to face new challenges beyond just the devices, but how to enable the business to leverage them so they can interact in new ways with their customers, and use that same model to equip their partners and employees better. These two major shifts caused IT to think about access entirely differently, or at least should have.
Meantime, while complexity around user access continues to multiply, business users have made it clear to their IT and the Access Team that being disconnected from work when not at the office is no longer acceptable. Professionals expect to get access simply and securely without introducing unacceptable risk to the business. Often, the root of IT’s access fatigue is a result of tactical projects solving current business problems using siloed technology without any big-picture strategy. Most environments these days are fairly complex, partly because it is more common than not for organizations to have a persistent set of legacy applications that remain core to their business. The main challenge is finding a way to bring these disparate applications together managed as one with a central point of control and a single policy engine.
Perhaps a more important reason for businesses to take a fresh look at their access strategy is their customers. As organizations strive to improve the way that they interact with their clients they are learning that these consumers are becoming more sophisticated with higher expectations. Increasingly, business interactions are digital and mobile (consider how you now interact with your bank via their mobile app). Using a myriad of devices, customers get and interact with personalized information, including private things like health or financial records. If your organization is like most, there are multiple initiatives underway to take advantage of the mobile platforms. If your organization isn’t careful, they will head toward a whole new level of access fatigue. For the relatively few that leverage their existing identity and access layer for their mobile initiatives, they’ll be pleasantly surprised how effective it can be in getting projects done on time while protecting their private information. Projects will move along faster because security won’t be an afterthought and the higher security will result in more powerful interactions that are secure and convenient.
To emphasize the value of a single policy engine, think about the multiple points of control that complex environments typically have across their various services. Organizations can incur substantial overhead costs to manage their infrastructures on a solution-by-solution basis. When policy changes or updates need to be made, they must be done for each solution. If multiple administration points aren’t updated whenever there is a change, uneven enforcement of new policies may allow for improper access. In a situation where there are disjointed silos, it’s quite difficult to keep access policies consistent across them.
NetIQ® Access Manager is a leading provider of access management and single sign-on. Access Manager® provides a simple yet secure and scalable solution that can handle multiple web access needs and works well in complex environments that require more than mere federation integration. Access Manager can be configured to control any type of access to services or resources from cloud, mobile and multiple devices. It can serve as a robust integration point and security layer for external users (customers, citizens, partners) and deliver simple access through silent single sign-on in the background, but can enforce strong authentication when the situation warrants it.
In addition to strong authentication, it also provides the ability to manage a much larger pool of users with self-service tools essential for credential management in a scalable way. Through Federation, Access Manager can leverage social identities used to log in so that users can remember their credentials while keeping policies easy to administer, controlling risk for the business and providing convenience for users.
Whatever access management solution an organization employs, it should provide the ability to protect information and provide convenient access, regardless of what applications and services are used. Access Manager provides the freedom to match the right method to the right device with the flexibility to adapt to new devices. With a single point of management, organizations can remove the complexity from access management.
Disclaimer: As with everything else at NetIQ Cool Solutions, this content is definitely not supported by NetIQ, so Customer Support will not be able to help you if it has any adverse effect on your environment. It just worked for at least one person, and perhaps it will be useful for you too. Be sure to test in a non-production environment.