A new year is always an excellent time to look ahead. So, there’s not much of a better time than now to look at some of the identity management trends expected for the year in front of us.
In 2015 even more organizations will perform a so-called risk analysis for information security per position. A buyer with access to a financial package, for example, has a higher risk than a receptionist. When someone is within a specific risk factor, it can then be determined that an extra approval step is needed when that person requests authorizations and resources. Or that a security officer receives a notification when an employee’s risk profile is raised.
Even more systems will be interlinked in 2015, and data will be exchanged between these systems. Ultimately, many organizations would like to use just one source system for all identity-related data, so that data doesn’t need to re-entered in different systems. This will even include systems outside the network, or belonging to external parties. If all systems are interlinked, in principle the rights and resources associated with every individual can be discovered. To be able to achieve this quickly and easily however, it’s necessary to have a complete overview (a master overview) across all the linked systems. This is possible by storing all data in a so-called identity vault. The identity vault is one central data warehouse containing all personnel details and user IDs. The vault will store who someone is, what that identity may do and what he or she has. Because the data in the vault is searchable, a security officer could search for a person, for instance, and then see immediately which systems that person occurs in, under which identities and what he or she is permitted. The security officer can also see who is using which rights per department and team, so that any divergences can quickly be revealed.
HR package changes
Organizations face a significant choice when multi-year contracts with their HR system supplier lapse as most HR solution packages offer their software as a cloud-based solution. Organizational leaders need to evaluate whether such a hosted environment has value for their company. Choosing a hosted environment impacts the organization’s user management. When an HR package is on-premises it’s fairly easy to retrieve information from the HR system and to deploy it for user management. However, if the HR system is in the cloud, organizations become dependent on the HR supplier to retrieve this type of information. By reducing the dependency on an HR supplier or on manually-generated reporting it is possible to deploy a solution for auto-provisioning, which offers a certified connection with both on-premises and cloud versions of various HR packages. Using such a connector means it no longer matters which HR package is utilized, or whether it is on-premises or in the cloud.
Self-service for authorizations
Many organizations introduced HR self-service last year. This type of self-service solution lets employees arrange their own HR affairs through a secure 24/7 portal. So, for example, employees can schedule their days off on their smartphones and other mobile devices and can report sick days; managers also can enter a new employee into the HR system, can keep track of progress interviews and can set or adjust the salary of a staff member. Most HR processes can be handled online in this way rather than by the HR department. And that makes a difference to HR staffing.
Facilitating HR self-service is also often a starting point for organizations to take control of managing authorizations. This will take off in 2015. A self-service portal will grant employees access to applications and network shares, for instance, and will let them request official mailboxes and distribution lists. The manager who has to approve a request receives a notification (often by e-mail) that an application has to be approved. And after that approval, identity management software can ensure that the request is processed immediately.