Implementation of Time-Based Access Control in Sailpoint IdentityIQ
Laukkanen, Teemu (2024)
2024
All rights reserved. This publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.
Julkaisun pysyvä osoite on
https://urn.fi/URN:NBN:fi:amk-2024052918030
https://urn.fi/URN:NBN:fi:amk-2024052918030
Tiivistelmä
Identity Access Management (IAM) systems are essential for modern digital infrastructures, managing user permissions effectively to enhance security and efficiency. KPMG sought to integrate SailPoint's IdentityIQ, focusing on its dynamic access rights management through the Sunrise and Sunset functions. The implementation involved qualitative research, including an integrative literature review and testing in a pre-existing environment.
The study revealed that while the Sunrise and Sunset functionalities could potentially reduce the support team's workload and enhance cybersecurity, their integration into legacy systems posed significant technical challenges. Specifically, the established workflows were disrupted, and the management of accesses became complex due to new attributes required by these functionalities. Furthermore, the technical setup required substantial changes to the database and entitlement management, necessitating extensive customization.
Conclusively, the findings demonstrated that the introduction of time-based access controls into established IAM platforms requires careful planning and consideration of existing system architectures. While these functionalities offer considerable benefits in terms of security and operational efficiency, their deployment in large-scale environments involves overcoming substantial technical hurdles and ensuring that all system components can accommodate the new features without compromising the existing functionalities. The research highlighted the necessity for adaptive strategies in implementing IAM features to meet evolving cybersecurity challenges and regulatory requirements.
The study revealed that while the Sunrise and Sunset functionalities could potentially reduce the support team's workload and enhance cybersecurity, their integration into legacy systems posed significant technical challenges. Specifically, the established workflows were disrupted, and the management of accesses became complex due to new attributes required by these functionalities. Furthermore, the technical setup required substantial changes to the database and entitlement management, necessitating extensive customization.
Conclusively, the findings demonstrated that the introduction of time-based access controls into established IAM platforms requires careful planning and consideration of existing system architectures. While these functionalities offer considerable benefits in terms of security and operational efficiency, their deployment in large-scale environments involves overcoming substantial technical hurdles and ensuring that all system components can accommodate the new features without compromising the existing functionalities. The research highlighted the necessity for adaptive strategies in implementing IAM features to meet evolving cybersecurity challenges and regulatory requirements.