2019 SailPoint Identity Insider Magazine - Magazine - Page 39
Governance Data
Governance data is different. These are the
decisions that people in your organization make
about which access is warranted and which is
not. Primarily, this comes from certifications and
access request approvals. The unfortunate truth is
that when an employee is greeted with an access
certification that has hundreds or thousands of
pieces of access that they must approve or revoke,
they tend to just pull out the rubber stamp and
approve everything. And so, what could be a gold
mine of data is instead a wasteland.
Here’s how we get from the desolate present to a
bright, shiny future: Imagine a giant knob – when
you turn it all the way to the left, you have no
artificial intelligence and when you turn it all the
way to the right you have full artificial intelligence.
When we begin, the knob will be turned all the way
to the left. In this position, we use configurable
rules to determine what should likely be approved
and what shouldn’t.
“Machines can only
get intelligent – and
actually useful – if we
feed them good data.”
S AV E T H E D AT E
For example, if the “Financial Reports
Administrator” entitlement has been approved
for one Sr. Financial Analyst within the past six
months and 75% or more of the other employees
with the same title also have this entitlement, then
it should likely just be approved without a certifier
having to see it. Now that the bulk of certifications
are automated, certifiers have more bandwidth to
notice unusual access and provide some nonsucky data by revoking things their employees
shouldn’t have. Now that is something that the
machine can really learn from!
2020
There you have it. Now the elephant in the room is
out in the open. The faster you get through anger
and denial, the faster you can start turning that
data into something beautiful. And trust me… when
you see what is on the horizon for the next wave of
identity governance, you will be glad you did.
JUNE 15 - 17
AUSTIN, TX