May 29, 2020
Featured / IT Philosophy

7 Reasons why Identity Access Management (IAM) is essential for your business

Written by Jeff Gaines

If there is one thing that is for certain, it’s that our future state of doing business is going to change.  For some of us, we may go back to the way things were.  Sitting at a cubicle, but only this time, a little further away from the person next to you. Still having water cooler discussions, but possibly having more trouble speaking to your coworker through your 3rd mask replacement.

Logging in to your computer and starting up your document or spreadsheet after getting it from your network drive… Wait.. are we still doing that?  The idea of accessing files located on an on-prem file server, or not securing the path to the information (aside from VPNs) seems risky and lacks the understanding of what you can truly achieve to protect your users, but more importantly, your organization. 

Identity Access Management (IAM) is a secure way to identify your organization’s users, verify their credentials on the device they’re using, and allow them access to the resources needed to be successful.  Think of it as a unique thumbprint made specifically for each user based on their username (email), password and administrative permissions for the resources they need.  There are many ways to achieve this successfully, but before you dive headfirst into the shallow pool, let’s explore the reasons, and processes required to achieve a successful deployment.

1. Improved user experience

No employee wants to manage multiple usernames and passwords for each and every application that the organization needs them to have. Obvious as it may seem, having one unique login process will get rid of the distractions around remembering the endless number of login usernames and passwords for the business applications used.  Single-Sign-On (SSO) products such as  OneLogin help your organization’s stakeholders to automatically login, regardless of the device used, using their primary login credentials.  Whether you want to simplify your authentication process through 2 factor authentication, or get more complicated with government or financial regulated processes, you have the ability to create a unified approach to user access, and provide an environment free of multi -password attempts and failures on behalf of your users.

2. Security

Identity Access management first starts at the admin level.  In setting up a user’s account, you are using their personal email, setting a temporary password, and providing permission to certain applications.  Your sales team might need access to the customer information within your HubSpot CRM, sales or marketing dashboards, or access sales and marketing files located on the GDrive or One Cloud share points.  Your support team might need Zendesk or HubSpot Service Pro to research client history, and everyone will need Slack to communicate. 

Additionally, different levels of your organization may need varying levels of administrative rights, and each SaaS platform may have different designations for various levels of access.  Now think about how many different SaaS subscriptions there are in your organization – how might we manage all of that complexity? Sound like a nightmare?  Only if you leave it unchecked and open for people to access.  Setting permissions allows users to only access the resources you feel are important for them to have.  IAM products that use Security Assertion Markup Languages (SAML) 2.0 can use SSO with deeper levels of security, allowing you to authenticate users, and based on their privileges, only granting them access to the resources and function pertinent to their role, department, work schedule or geographic location.

3. Reporting

When you have a group of users who are identified by their email and passwords, the single-sign-on (SSO) process makes it easy to manage, and identify users and their devices on the network.  Identity Access Management (IAM) systems can ease your IT departments’ stress by being able to identify and restrict access to resources quickly if there is suspicion or confirmation of malicious activity with a user’s credentials.  Organizations, like OneLogin, allow you to run detailed reports on users, apps, and logins in order to provide detailed analysis on how users are accessing information.

4. Modern Collaboration Processes

In today’s day and age, we still find ourselves creating documents, saving them to our desktop or documents folder, sending them to our peers for feedback, or to the boss for review and approval.  In some cases, more and more copies get made, making it really hard to find the original or know which copy is the good one.  The idea around process improvement is to find the best platform to work with, provide a seamless experience, but trust the data is up to date, tamper proof and records a history of changes. 

Platforms like Google’s G-Suite or Microsoft 365 provide tremendous collaboration tools for anyone identified as being a part of the organization.  Because your login is unique only to you, you can share access to documents, provide feedback and allow for changes, and trust that the version you’re working on, is the most up to date.  “Well, Chris, why can’t I just send it to my own email so I can review it there and work on it on my own time?”  The answer, you have to give yourself permission to edit it outside of the company.  Additionally, it will only give you viewing rights, allowing the creator of the document approval rights to allow you to edit it.  Again, providing control over who can access or use the information.

5. Employee choice on devices

I’ll admit, I’m an Apple fan… have been since 2002 and never looked anywhere else for another device.  I’ve bought everything at Apple at least once.  Ok maybe twice, but that’s my love of Apple speaking.  That being said, i still have nothing but professional respect for windows and android operating system devices.  Within their ecosystem, they all work well together.  In this situation, the beauty of IAM/SSO will allow you to grant access to tools, without having to choose which device your employees use.  Truly a dream in employee satisfaction as they get to choose their preferred working device, and all the while enabling the teams to still collaborate together in real-time and on the same platform. 

Large, global organizations, can now provide ease of access to employees, partners and clients in order to be more efficient and collaborative.  OneLogin offers apps that allow users to access any enterprise web-based application anywhere on any device. OneLogin Mobile identity management provides users one-click access to all enterprise apps on smartphones and tablets.

6. Cost-effectiveness

Initially, SSO was meant to reduce the costs of internal help desks solving for Tier 1 support tickets… basically, users locking themselves out of applications due to wrong passwords.  A common problem when you think about the numerous passwords, all with different rules, and none of them being the right one.  With the advent of IAM, it has been able to address far more challenges, while also allowing for those Tier 1 tickets to be resolved.  IAM uses data from existing identity tools (Active Directory or LDAP as an example) and allows you to authenticate against those credentials. 

As we look to the future, IAM will be able to leverage those credentials and take many of your apps and processes to a cloud-based, and truly mobile platform.  With cloud based tools available for desktop and mobile devices, you can authenticate users and their devices from literally anywhere that there’s a network connection, while still having access to audit trails, analytic information, permissions, policies and provide a user experience  that allows access while also being organizationally secure.

7. IAM can spark business growth and productivity.

Let’s be clear.  IAM is not an IT strategy, it’s an entire business strategy.  Organizing and deploying these tools will help to create collaborative tools no matter where your employees are working from.  You can consider mass communication products for the organization with OnSip, Slack, Zoom or Google Hangouts.  Provide collaborative tools within G-Suite or Microsoft 365.  Handle legal documents with PandaDocs. Manage your support tickets with Zendesk.  Provide marketing and sales data using HubSpot.  And all of these can be sourced to the right people and teams through proper installation of IAM tools.

Have a clear understanding of the tools  and resources that the departments and members in those departments need, and ensure they have the right applications for the portion of the business they are contributing to.  This will create a revolution in the way you do business, and create synergies that were commonly left for boardroom discussion, but now allowing employees to collaborate freely without formality.

It is in Interlaced’s DNA to be innovative and provide thought-leading processes to the clients we serve.  Many of the issues expressed in this article are solved by the suite of the tools and partners that we work with and implement for customers.  Let’s plan the future together and provide you the opportunity to be innovative alongside us for the sake of your teams, your security, and your bottom line.

Jeff Gaines

Jeff Gaines

Jeff has served as an operating executive at Interlaced since 2016. He is deeply passionate about driving impact for Interlaced, for his community, and for his loved ones. In his spare time, Jeff loves spending time with his wife and son at the world famous San Diego Zoo, enjoying tacos on the beach in Baja, cheering on the San Diego Padres, adventuring outdoors and playing music with friends. Jeff’s top 3 films of all time are Point Break (the original), Road House and Field of Dreams.