One Identity, the business unit of Quest Software focused on identity and access management (IAM), has made its first move into risk intelligence. One Identity Starling Identity Analytics & Risk Intelligence (IARI) is a SaaS-based solution designed to reduce identity-related risk associated with improper user entitlements or access rights.
“The IARI solution is our first foray into risk intelligence,” said Jason Fehrenbach, senior product manager at One Identity. “It is a brand-new solution, all internally developed, and is the second solution we have built for our SaaS platform.”
Starling IARI analyzes and compares user entitlements to pinpoint situations where entitlements are out of norm and pose an elevated risk.
“Our solutions are focused on access control, and this adds a layer of risk intelligence on top of that,” Fehrenbach said. “It looks to identify high-risk behavior, and is designed to make it harder for a bad actor to get a foothold. By adding risk intelligence on top of access management, the customer will know better where to address their efforts.”
The purpose of Starling IARI is to proactively reduce entitlement-based risk, by determining if an individual’s access rights are appropriate, by identifying dormant or inappropriate entitlements, and remediating high-risk roles before they can lead to possible problems.
“The identity analytics market is relatively new, and the solutions out there today are typically user behavior-based,” Fehrenbach said. “We are coming at it from the other side. We look at risk while it’s at rest, and determine the potential of that risk, before it has even been used.”
Starling IARI leverages a growing pool of data source modules and a cloud-based data collector to aggregate user entitlement data. It uses it to provide an analysis of users’ rights to highlight areas of unacceptable risk and where those rights may be out of line with peers, organizational policy, or role definitions. It also provides for the control of user entitlements and the ability to mitigate risk.
The business case for IARI, Fehrenbach added, is based on the cost of not fully protecting yourself.
“Are you taking all the measures you think you can take?” he said. “This can identify areas of high risk. It brings a clarity and visibility that might not have been there before.”
While risk analysis is typically a fairly complex solution, IARI has been designed to be simple for the user.
“Ease of use was a paramount goal when designing this,” Fehrenbach said. “Being a SaaS is very important in this respect. It has been designed for out-of-the-box ease of use, with all the information available from the time you install it. There are also no professional services required for this solution.”
Fehrenbach also stressed that IARI has been designed to be a commonly-used supplement to access control, not a niche solution for very large organizations.
“We see this as a broad solution which will fit with a lot of organizations,” he said. “The SaaS and ease of use makes it simple both for larger customers and more downmarket ones. It’s not a specialized offering.”
One Identity Starling Identity Analytics & Risk Intelligence is available now.