From the nuts and bolts IT perspective, identity management has been heavily focused on getting the job of assigning privileges, authentication and access controls efficiently, and simplifying user access across multiple and disparate systems and applications. In large organizations, managing provisioning and de-provisioning, single sign-on, etc. easier, cheaper and, as a side benefit, more secure, as enterprises try to eliminate “ghost” accounts of terminated employees and reduce the security risks and support headaches of multiple passwords. Access governance, on the other hand, approaches identity management from a business perspective. That’s where products such as NetIQ’s Access Governance Solution (AGS) and others come in.
Justifying and tracking access roles and privileges from a business perspective has become increasingly important from an overall governance perspective, and, of course, regulatory compliance. Access to corporate resources — basically, we’re talking about applications and information, but it can extend to physical access to sensitive areas such as finance, research, critical manufacturing processes — is perhaps the key business enabler. If identity and access management is the “can-do” piece, access governance or more of the “what do we need to do/why are we doing it/do we need to keep doing it” side of the equation.
Access governance allows the business side to take control of the identity management process based on its requirements and gain oversight and governance over who has access to what and why without getting into the messy side of dealing with complex mappings of roles and user across a spider’s web of IT resources. Automated tools from NetIQ and other vendors in the space, notably specialists such as Aveska and SailPoint, plus Courion and Bhold, and major IT players, including CA, IBM and Oracle. Enterprises have generally developed their own access governance systems, generally around spreadsheets, but these are typically inefficient, error-prone and dependent on internal resources for maintenance and development. So commercial-grade access governance products have emerged in recent years.
NetIQ is an interesting player, in part because of the acquisition of Novell last year by parent company Attachmate. The latest release of AGS integrates the former Novell identity management tools and AGS, enabling what product marketing manager Tom Crabb describes as “bidirectional read and write” between the IT identity management and the business governance systems. This marriage of the Net IQ product and the Novell IDM offerings is a strong factor going forward for NetIQ in the competitive market.
The newest release also dramatically opens platform and database support.
NetIQ’s now broader set of information tools include Sentinel SIEM, promising a wider range of integrated capabilities.