In the current climate, higher education institutions face numerous extraordinary challenges in managing identity and crisis. Remote access has become the norm, introducing new variables to the higher education equation as students, staff, and alumni have unprecedented access to a growing number of resources that are also open to attack.
Furthermore, higher education budgets continue to be in flux forcing IT and security teams to reduce risk and operate with fewer resources. Automation has become necessary to make this new educational organization equation add up. It is the vital business enabler that empowers your organization to do more with less and is paramount to identity and access management's (IAM) success in this new remote access paradigm.
Many higher education IT leaders acknowledge this emerging need for IAM, consistently implementing it across their organizations. However, a recent survey from Hitachi ID and Pulse uncovers a discrepancy between the IAM processes currently in place and what best practices genuinely are — especially when it comes to the benefits of IAM automation. Across a large sampling of higher education institutions, IT decision-makers have implemented IAM but are conflicted between the benefits of governance and automation.
The Conflict: IAM Implementation vs. IAM Best Practice
When asked if a governance-first initiative is the most effective way to initiate and manage an ongoing IAM program, almost all of the surveyed IT leaders at higher education institutions claim that access governance is the best approach to IAM. In fact, of the 98% who have implemented an IAM program, almost two-thirds have invested in IAM governance, including 52% who have also implemented IAM automation.
When higher education IT leaders were asked if their organization had made investments in access governance or identity and access automation, however, the results demonstrated a disconnect between IAM beliefs and action:
- 52% had invested in both access governance and automation
- 33% had invested in just access automation
- 13% had invested in only access governance
- 2% had invested in neither governance nor automation
Moreover, while these leaders say governance is the best approach, 97% also claim that IAM automation is necessary to maintain compliance. This statistic further reiterates the clash between what respondents have implemented today and what best practices truly are for IAM processes.
The Resolution: Automation Benefits and Goals Drive Convergence on IAM Implementation
Despite this divide between beliefs and practices, the data demonstrates that higher education IT leaders are looking to complement access governance with automation. Most institutions are planning to automate their IAM completely. This best-practice combination has been recognized by IT leadership as a way forward in this digital and remote access-first environment to boost the productivity and security of their organizations.
Already, 64% of IT leaders at higher education institutions have automated IAM processes like provisioning and deprovisioning of students, faculty, and alumni, but there are still many recognized areas of opportunity, including:
- Life cycle management
- Self-service requests
- Risk score assignment
However, they admit that the only thing holding back further implementation are budget and existing infrastructure investments. Despite these barriers, approximately two-thirds of higher education IT decision-makers see it as an opportunity to reduce security risk, boost confidence in compliance status, and make a conscious shift from reactive to proactive threat detection. Moreover, almost all IT leaders see IAM implementation as an opportunity to improve the end-user experience in the wake of a year of mass work-from-home migrations, rising layoffs, and an ever-growing list of remotely accessed resources.
In a year filled with so many of these unforeseen changes and a new dynamic digital-first higher education paradigm, IAM automation and governance are the best-practice methods to meet these challenges with a proactive and future-focused strategy.
Review additional results of our survey and learn more about IAM automation for higher education in our free resource: Higher Education IT Leaders Are Looking to Complement Access Governance With Automation.
$144.2 million: The amount that victims of the 11 most significant ransomware attacks in 2020 (so far) have spent recovering from these cyber assaults. The staggering...
In the last two years, 79% of organizations have experienced an identity-related security breach, according to research from the Identity Defined Security Alliance...