Among the trends that are currently tracking strong for 2018 is the growing demand to unify identity lifecycle management so that multiple departments and teams can engage and collaborate through the full range of employee on-boarding, badging and access management activities.
During a period when trusted identities are emerging as the fundamental building blocks for connecting an organization’s people, places and things, Physical Identity and Access Management (PIAM) software products are playing a key role by enabling organizations to connect together the enterprise’s multiple physical access control systems (PACS) to other parts of its IT systems ecosystem, such as user directories and HR systems. As they do this, they are changing how organizations look at security and in particular how they manage identities.
PIAM software works with existing hardware and infrastructure to collect, collate, store, process and analyze identity and other data from multiple security and non-security solutions. By connecting into a variety of PACS systems across multiple sites, PIAM software standardizes the way organizations manage trusted identities for their employees as well as contractors, visitors and even their suppliers, tenants and vendors. PIAM software also connects with HR systems as well as user directories and systems for training management and other processes. It can also be used to tie in key external services for running background checks or verifying identities.
Today’s PIAM products centralize the management of these tasks into a single administrative console. PIAM reporting and analytics capabilities enable organizations to mitigate enterprise-wide security risks using consolidated data from many different systems. PIAM software also makes it easier to issue, manage and use a single credential across both physical and IT security systems for everything from opening doors to accessing networks, data and building services, eliminating the need to deploy multiple solutions to achieve this capability.
PIAM solutions dramatically streamline workflows by reducing the internal email traffic that would otherwise be required for requesting and granting access. This improves operational efficiency while eliminating the errors that often occur with repeated manual data entry at each stage in the process for defining and granting access permissions. The risk that unauthorized users can access active credentials is minimized because the system generates and enforces well-defined procedures for issuing and revoking badges. The PIAM system also facilitates enterprise-wide audits of access privileges so that an organization knows it is compliant both with their internal policies as well as those mandated by external regulatory bodies.
These PIAM capabilities will solve a number of difficult challenges. Organizations struggle today with evolving technologies, fragmented systems, and difficult decisions about whether to lease or buy facilities, so the traditional way of managing access control on a building-by-building basis has become extremely challenging in this environment. Administrators must issue separate credentials to employees and contractors depending on their destination, the underlying PACS system there, and the permissions that must be managed.
PIAM software solves these problems by enabling an enterprise-level people-centric, (rather than building-centric), view of identity management, for today’s more fluid and flexibly deployed workforce. In other words, in the same way, that HR systems support the entire workforce regardless of location, PIAM software extends this approach to the security function. Organizations can manage all employee identities with a single PIAM solution, and issue a credential across all buildings, systems, permissions and associated workflows, regardless of the underlying access-control system.
Even in the rare instances when there is common technology across all sites including those that have been acquired, there is still the need to tie the access control system into other systems for visitor management, and to integrate with the HR system for identity checking, background checks and training compliance. PIAM software’s ability to unify identity management in this way helps make security invisible to users and more efficient, automated and scalable for the organization, which can now create enterprise-class self-service portals that simplify the process of managing badging issuance, replacement and other workflows. This approach is also far more automated and scalable across thousands of people.
Another benefit of PIAM software is that it can help build a bridge between people and buildings. There will always be high value in an access-control solution layer that extends across all of the organization’s facilities and enables them to know who is working at each location and which buildings they can enter and interact with. With PIAM software, organizations have a single consistent way to manage the underlying identity of each person – the collective set of attributes including name, location, manager, length of tenure, etc. -- that define each person’s identity within the organization.
PIAM software ties everything together so that organizations can know that employees are who they claim to be as they move through multiple facilities and access their services. This approach is critical for creating an identity-aware environment in the Internet of Things (IoT) and can be further improved with biometrics for even greater efficiency and an optimized user experience.
PIAM software will also help the industry prepare for a new era of identity analytics. It will enable data about user identities to be used not only for securing access to buildings and services, but also to optimize the user experience in an increasingly connected world. PIAM solutions are the ideal place to leverage analytics that helps identify current and emerging security threats while personalizing the user experience based on his or her needs, habits and preferences.
Moving forward, the more data about user access activities that PIAM delivers using digital and mobile IDs, the more effective organizations will be at thwarting cyber attacks, catering to user needs and maximizing enterprise efficiency. Deep learning from analyzing behaviors, biometrics and predictive analytics will lead to minimum-downtime intention-detection services, seamless access solutions, optimized workflows and other artificial intelligence (AI) capabilities.
Growing adoption of PIAM solutions will help organizations connect disparate physical and IT security systems, improving efficiency and security by standardizing identity management for employees, contractors, visitors, suppliers, tenants and vendors. PIAM solutions will enable organizations to adopt a more people-centric, rather than building-centric, view of identity management workflow, so they can create a seamless access experience across the enterprise that helps make security more invisible to users. PIAM solutions will also provide the bridge between smart buildings and today’s more fluid and flexibly deployed workforce, and pave the way for a new era of identity analytics that will improve security while enabling more personalized user experiences.
About the Author: Julian Lovelock is Vice President of Quantum Secure - Identity & Access Management Solutions (IAMS) with HID Global.
