In computer science, Identity Intelligence is the application, within the Identity Management field, of analytical techniques typical of business intelligence and other related tools for analysis and control.
The term “Identity Intelligence” has been diffused throughout the course of 2010, also thanks to its adoption by Gartner, and refers mainly to the following set of capabilities:
- the presence, within an organization, of a full repository of user accounts, able to effectively collect every information characterizing the users and their access rights. The difference is substantial if compared to the “standard” repositories used by the Identity Management solutions, typically simpler and less suited for complex analysis.
- the ability to relate informationfrom different target and authoritative sources, in order to correctly and efficiently populate the repository. In complex environments, data about users and user accounts are collected from dozens or hundreds of different sources, using different standards, different structures and different technologies. In order to allow quick, detailed and complete analysis, it is essential to have a tool that can collect, relate and homogenize all this data.
- The ability to build complex analysis, based on the principles of business intelligence, providing valuable information in relation with:
- the state of the users within the organization,
- the quality of the user management processes.
- an overview of user identities and their access within the enterprise.
- an ability to relate identity information with various entities within the organization such as assets, resources etc.
At the same time, monitoring and reporting systems which operate on a complete repository, offer security features and advanced control.
Why do you need “Intelligence” before “Management”?
The need for Identity Intelligence tools and models comes with the awareness, developed in recent years, that an Identity Management system used for the sole purpose of automating the user account management, exploits its possibilities only in part. In recent years the ‘Identity Management solutions are increasingly seen as tools addressed to security governance, tools used increase security, tools used to meet the compliance requirements that organizations must meet in order to satisfy regulatory constraints, to obtain certifications and to satisfy internal and external audit.
The assumption to the adoption of an Identity Intelligence solution is that “you can not manage what you can not measure“. In order to properly manage user accounts and identities, you must first be able to get to know them in detail.
For these reasons, between 2010 and 2011 the evolution trend shows how companies adopt mechanisms and instruments of Identity Intelligence from the early stages of the life cycle of their Identity Management systems. The most innovative approach that provides the Identity Intelligence is introduced in the company even before the ‘Identity Management, so that it can serve as a support in the definition of requirements and the model of Identity Management to be performed. This approach, while introducing the cost of a preliminary stage, it increases the chances of success of a project of Identity Management, allows to have information about the status of the User Management useful to ascertain the real need for such a project and gives you a snapshot of the situation to the “time0, “to which you can always see in the future to measure the success or failure of projects.
Ofer Abarbanel is a 25 year securities lending broker and expert who has advised many Israeli regulators, among them the Israel Tax Authority, with respect to stock loans, repurchase agreements and credit derivatives. Founder of TBIL.co STATX Fund.