Content of Figures
- Figure 1 Current IGA is primarily focused on static entitlements and SoD (Segregation of Duties) for financial risks, but doesn't cover all business-relevant access risks
- Figure 2 IGA as of today focuses on static entitlements of on premises applications. However, access risks derive from all applications, and beyond access risks. Future IGA has to expand its focus.
- Figure 3 Microsoft EMS (Enterprise Mobility + Security) provides an integrated solution, well-beyond the traditional focus of IGA.
Commissioned by Microsoft
IGA (Identity Governance and Administration) is one of the core disciplines of today’s IAM (Identity and Access Management). IGA factually is a comb ...Login Free 30-day Select Access Get full Access
- Identity & Access Governance’s shifting focus from on premises first to cloud first, supporting all types of services
- The need for Identity & Acce ...
3 Identity & Access Governance: More than on premises, more than Least Privilege
IGA has to support the entire breadth of today’s IT infrastructure and business applications. With the shift to the cloud, the focus is shifting fro ...
Static entitlements only define which access is allowed or not, but don’t address which access factually happens. There are various situations of fr ...Login Free 30-day Select Access Get full Access
4 The new focus of IGA: Entitlements, Devices, Access
IGA must support all types of services, regardless of the deployment model. IGA must support all types of users, from employees to consumers. IGA must ...
However, it does not deal with other challenges such as
- insecure devices that e.g. carry malware
- attacks that run in the context of users, via s ...
5 The solution: Integrated IGA from the Cloud
Running IGA from the cloud delivers best support for today’s cloud-centric IT infrastructures. It also allows for orchestrating various security ser ...Login Free 30-day Select Access Get full Access
6 The Microsoft approach on IGA from the Cloud
Microsoft Azure AD Identity Governance is a set of capabilities for delivering IGA from the cloud. It integrates with other Microsoft Azure based secu ...
For managing the identity lifecycle, Azure AD delivers a set of capabilities. Users can be managed directly within Azure AD. Azure AD also supports fl ...Login Free 30-day Select Access Get full Access
7 Action Plan for implementing IGA as a Service
IGA should become a service. This shouldn’t be simple a tools choice, but part of revisiting the IT strategy, the IT security strategy, and the IAM ...Login Free 30-day Select Access Get full Access
8 Related Research
Advisory Note: Redefining Access Governance - Beyond annual recertification - 72529
Advisory Note: Working to the Business not the Auditors - 70865
Leadership Compass: Identity as a Service: Single Sign-On to the Cloud (IDaaS SSO) - 71141
Leadership Compass: Identity as a Service: Cloud-based Provisioning, Access Governance and Federation (IDaaS B2E) - 70319
Executive View: Microsoft Azure RMS - 70976
Executive View: Microsoft Azure Stack - 72592
Executive View: Microsoft Advanced Threat Analytics - 71554
Executive View: Microsoft ADFS: Active Directory Federation Services - 71126
Executive View: Microsoft Azure Blockchain Services - 71332
Executive View: Microsoft Azure – Security and Assurance - 71282
Executive View: Microsoft Azure Active Directory - 71550
Executive View: Microsoft Azure Information Protection - 72540