What is Access Consolidation?

Is it time to reduce the cost and complexity of your IAM program?

If your organization is struggling with rubber-stamped access certifications, excessive manual access requests or error-prone onboarding, it may be time to consider an Access Consolidation project.

An Access Consolidation project is exactly what it sounds like, an effort to reduce the complexity of assigning and certifying access within an organization. If you're reading this, I'm assuming you're an IAM professional so you may already be aware of some of the various methods to achieve these results: RBAC (Role Based Access Control), ABAC (Attribute Based Access Control) and FGA (Fine Grained Authorization) are all means of achieving these results. While each of these approaches to access consolidation have their own enabling tools, skillsets and champions, the truth is that they all co-exist because they are all appropriate ways to deal with different relationships between an organization’s identities, access, authorization methods and business requirements.

All organizations are unique, no two have the exact same growth story with regards to people, their access or the way in which it has been assigned. An Access Consolidation program must start with examining the current state of the organization in question and determine which method(s) of Access Consolidation are appropriate. For example, a healthcare provider that segregates user health information by the relationship of its medical professionals to its patients has a very different access organization than an insurer that requires teams of account representatives to be able to access similarly sensitive information. The former benefits far more from an FGA solution for its Electronic Medical Record (EMR) system while the latter would likely benefit more from an RBAC approach. The differences in access requirements across different industry verticals are even more pronounced: a bank isn't organized like a factory, which isn't organized like a retail establishment etc... Each of these requires a different approach to mapping Access Consolidation strategies to their IAM environment.

Mis-applying an access consolidation strategy to an area which it doesn't fit will result in wasted time, effort and money. Attempting to map roles onto the many relationships of a healthcare provider will result in an explosion in the number of roles generated while attempting to use FGA to assign access for bank tellers will require the implementation of an expensive FGA solution that was entirely unnecessary. Expertise in a skillset means knowing how to most effectively use it to solve problems but it also means knowing when it is in the wrong skillset to apply. At Thornton Data Solutions we pride ourselves on our deep understanding of Role Based Access Control, including when not to use it and what the appropriate Access Consolidation solutions are for those areas that it doesn't apply to.

Thornton Data Solutions specializes in helping organizations streamline their Identity and Access Management (IAM) operations. If your organization is experiencing one or more of the following symptoms: Access Certification Rubber Stamping, Incomplete Access Certifications, Excessive Manual Access Requests, Incorrectly Requested Access and Lengthy / Error Prone User-Onboarding experiences then you will benefit from an Access Consolidation Project.

If you’d like to reduce the cost of your IAM Operations please reach out to us and we’ll be happy to schedule a free consultation to help figure out how you can get started on the path towards reducing your IAM Costs and improving your user experience.

In our next Blog post we'll go deeper into the strengths of each of these approaches to Access Consolidation and discuss where they should be used within your organization.