John Ingram’s Post

Here is a great post by Pankaj Bhatta, CISSP, CCSP on the problems IAM Modernization initiatives face in onboarding legacy applications to the identity governance platforms: https://lnkd.in/gQQVGBkH This made me to think and put together a couple of thoughts in this space. Thank you Pankaj Bhatta, CISSP, CCSP for forcing me to think and write 😊 -- Onboarding non-standard legacy applications to an Identity and Access Governance (IGA) stack for their identity and access lifecycle management has been a long standing problem. I have seen many companies tackle the application onboarding issue by allocating a huge budget with a dedicated pool of resources to the enterprise IAM team with the mandate to onboard X number of application in Y number of months or years. In a large enterprise that I had the fortune to work at in the past, I was part of an IAM team that was tasked with onboarding 1,000 or so high priority (SOC1/SOC2/SOX apps) applications to an IGA platform within 6 months; I also did consulting at another company where 200 applications were tasked to be onboarded to an IGA platform in 2 years. In both these instances, the IAM team was doing all the leg work (including dealing with non-cooperative IT application teams that needed their applications onboarded) and ended up underdelivering in spite of the business spending a significant amount of money on the projects. In both these cases, the IAM teams onboarded less than 100 applications. Setting aside the complexities of the IGA platform that required significant amount of technical work to onboard legacy IT applications, the core problem was in tasking a centralized IAM team, who had no familiarity and knowledge of the IT applications, responsible for the onboarding of those applications to the IGA platform. It was hard and time-consuming to understand legacy applications and their security models - it's near impossible for a single IAM team (whose core responsibility is the implementation of IAM solutions) to understand all the nuances of those applications and onboard them successfully. My thinking is IGA platforms will need a paradigm shift where a single IAM team will not be the only the team who can work in it. We need IGA platforms that allow any IT team (whether they know IAM or not) to be able to work in the IGA platform and onboard their IT application, Directory platform (AD or any other directory), database or any other IT asset ON THEIR OWN. We need a SELF-SERVICE MOVEMENT for the IT teams to work independently in the IGA platform instead of relying on a single IAM team. IAM teams should be doing what they do the best - implementing enterprise-wide IAM solutions that other IT teams can take advantage of, while the other IT teams should be onboarding their application on their own and do any operational activity on their own in the IGA platform. #IGA #IAM

Preconfigured Campaigns with Okta Identity Governance (OIG) is now available in Early Access. Why is this an important capability? Software rationalisation has been a trend over the last few years with focus on improved operational efficiencies and simplification initiatives. Gartner estimates that 25% of SaaS spend is underutilised. Also it can take a lot of effort to do deep reviews into access per app. With OIG, in a few simple clicks using a template, an admin will be able to run a simple campaign to find applications that have had inactive users assigned to SaaS applications that are consuming licenses with these other vendors. There is a good chance you are going to find people that haven't used an app in the last 90 days to help reduce cost with vendors and automatically keep your licensing under control going forward with Okta. Watch this video to learn more!

As an enterprise architect in the financial sector, enhancing your IT infrastructure is vital to meet growing demands. A self-hosted solution can address key challenges like disparate data sources and security concerns. With CS:Enable, experience near real-time data unification and schema-resilient integration. Meanwhile, CS:Govern, built on CS:Enable, offers dynamic policy creation and robust security. These solutions lead to better business insights, streamlined operations, and improved compliance. Discover how to build a resilient, secure, and scalable IT infrastructure. ⤵️ https://hubs.ly/Q02QX_hr0 #Salesforce #DataProtection #DataManagement

Is your organization ready to transition to Salesforce? Migrating your CRM can feel daunting, but with the right approach, it can be a smooth journey. Our latest blog covers essential tips for a seamless Salesforce org migration—ensuring data security, minimizing disruptions, and empowering your team for success. Discover the steps to make your Salesforce migration a success! 🚀🔒 https://hubs.ly/Q02XTBCY0

Is your organization ready to transition to Salesforce? Migrating your CRM can feel daunting, but with the right approach, it can be a smooth journey. Our latest blog covers essential tips for a seamless Salesforce org migration—ensuring data security, minimizing disruptions, and empowering your team for success. Discover the steps to make your Salesforce migration a success! 🚀🔒 https://hubs.ly/Q02XTBqN0

A quick how to about linking Auth0 and Okta Workflows

🚀 Uncover the technical synergy reshaping #ECM and #contentservices. From unified orchestration to cutting-edge security, embark on a journey of innovation and growth using Alfresco Software Limited's Digital Business Platform. Please read our article: https://bit.ly/3tA391c #techinnovation #AlfrescoHyland #ECM

Request Variables automate the numerous variations of rules that #identity teams need to consider when creating and updating accounts. When done right, they streamline access requests and enforce IT control. Clear Skye x ServiceNow make this easier than ever before: https://hubs.li/Q02Jpcqj0 #IGA

The COVID-19 pandemic has been a catalyst for change across the globe, and one of the most significant shifts has been the accelerated adoption of technology within government sectors. Our customers have called upon Maven Group to help mitigate the risk introduced to their enterprise in the aftermath of such rapid adoption. The pandemic had a profound effect on the government’s accelerated adoption of technology. For one of our customers, this rapid adoption meant different organizational divisions sponsoring specific applications relevant to individual use cases for their #Salesforce platform, outpacing the #roadmap for the #platformgovernance maturation. As a result, many of the efficiencies granted by standardizing #personas, establishing and enforcing a common #taxonomy and #codebase, and enforcing #platformlevelcontrols were not integrated in their #enterprise. In 45 days, Maven Group had provided this customer a #gapassessment for the platform and developed a revised #roadmap for maturation. In the following months, we established a baseline taxonomy and common #codelibrary for optimizing the platform, and developed a workable  governance structure for #configuration management and platform level #security.  As a result of our support, this customer was able to establish #requirements at the platform level that reduced custom code by 24%, ensured enterprise architecture integrity, and provided #cyberhyigene compliance enforcement at the platform level.

Better service, more flexibility, & lower cost