One Identity Manager 8.2 is GA today! There are many enhancements in Identity Manager 8.2, but I want to take some time to highlight three of the cool new features of this release.
The primary goal of application governance, one of the new features of Identity Manager 8.2, is to improve application onboarding. As you probably know, application onboarding can be a long and laborious process that typical involves the IT IGA administrative team “interviewing” the application owners or whoever best knows how the application is to be used. The interviewing process is to primarily find out what the roles are for the users and what access rights those roles should have. Of course, there are other items, such as who should approve access rights, etc. However, the interview process is time-consuming and error prone. The IGA administrators often find that what they thought they heard was not accurate. This results in multiple iterations of changes until the roles and assignments are correct.
Enter application governance - which provides the ability to delegate the creation and administration of some of the configuration items to people in other groups who know best the user assignments. They then can take responsibility for role definitions. It also allows for parallel tasking by enabling resource owners to focus on resource entitlement administration while other teams work on their definitions. Plus, then the IGA administrators can focus on keeping the IGA functioning correctly. By enabling folks who know user roles to focus on definitions means there’s a higher chance of things being defined accurately, which results in faster time to onboarding applications.
Oh, and there are other advantages of Identity Manager 8.2’s application governance feature. Specifically, non-IT groups get the ability to view the role data through a business lens versus a technical lens.
Microsoft Teams integration
Microsoft Teams support is the next item that we will discuss. Identity Manager 8.2 delivers a new connector to Microsoft Teams. I think we all know that Teams is no longer a luxury. The worldwide pandemic has elevated the application to mission-critical level for most enterprises. With One Identity Manager 8.2, you can now perform the following functions on a Teams system:
- Execute CRUD operations on Teams and channels
- Manage the owners of Teams
- Create business processes to improve control and oversight
Last, but not least, One Identity Manager 8.2 offers a new feature called object tagging. The purpose of object tagging is to assist an enterprise in attestations or certifications. If you’re an Identity Manager administrator or approver, you know the headaches that come with having to re-attest or recertify user rights. Depending on the scope, it can be very time consuming for the managers or resource owners to ensure that each person still deserves to have the rights that are being questioned. One Identity Manager already does a great job of managing certification campaigns, and object tagging will make it even easier. Here’s how it works:
The IGA administrator defines a policy indicating that when a change occurs for an identity or other object, that object should be flagged with an administrator-chosen text ‘tag’ based on what was changed.
Next, an attestation/recertification campaign can be created in the normal ways that can specify to only include those items that were changed in this campaign. This guarantees that no one is being asked to approve something that had not changed.
In reality, there are still reasons why user rights need to be certified even if no changes had occurred. But, with Identity Manager’s new object tagging feature, this allows for more frequent campaigns to be performed to ensure proper compliance, which, in turn, results in the ability to better smoother and better audit results
In addition to these three capabilities mentioned above, here are some other features of Identity Manager 8.2 that could have also been in my top three:
- Database performance and scalability enhancements – Identity Manager 8.2 offers a couple of new features. One is the ability to split your database by identities and accounts for one, and activities and processes for another. This is a great feature for our larger Identity Manager customers. Another database performance feature is to be able to use a secondary replica database for read-only queries.
- SAP connector changes – As you know One Identity has a close relationship with SAP, which allows us to deliver a premier SAP integration. With 8.2, that integration has been improved to support all entry points (not just transactions). This includes applications like FIORI.
As I said, there are tons of new features in One Identity Manager 8.2; more than I have room to mention. Once the update of Identity Manager has released, check the release notes for more information on those. If you have any questions, please contact us.