An Offering To Security Verify
21 August, 2020, by Simon Young
IBM Cloud Security has had its first rebranding. Going forward it will be known as IBM Security Verify but rather than discuss name changes, let's talk a little about what is new and what this means for new and existing customers.
The biggest addition is the new "Verify Bridge for Provisioning". This is a gateway to integrate IBM Security Verify with on-premise end points using existing IBM Security Identity Manager/Identity Governance provisioning adapters. The rub is that currently there is only support for the Microsoft AD Adapter. However, it will be only a matter of time before there is support for the plethora of adapters already out there for IBM Security Verify Governance (aka IGI/ISIM).
This will allow on-premise targets to be managed by IBM Security Verify from within the cloud itself with the minimum of fuss. As the Verify Bridge only talks out over HTTPS to IBM Security Verify, there will be no need to poke a hole in your firewall. This also lends itself to providing several integration options depending on your existing environment. IBM have also made it straightforward to deploy, all of this is wrapped up nicely in a Docker container.
If you are lucky enough to only have to worry about SaaS accounts, you can happily just use IBM Security Verify. If you are an ISIM or IGI customer, you can integrate with IBM Security Verify using the IBM Security Verify adapter. If you are just a IBM Security Verify customer but are looking to bridge that gap into your on-premise environment without a separate heavy-duty product, you can with the Verify Bridge.
The second interesting addition is IBM Identity Analytics. Analytics will take your activity and entitlement data and provide you with a 360-degree view of access risks coupled with the ability to take actions based on those insights. As it is IBM, it's only natural that you'll also be able to slurp up data from both IBM Security Verify Governance (ISIM and/or IGI) using IBM Security Verify Information Queue (ISIQ).
An additional positive about Identity Analytics is extensibility - in terms of custom policies, workflows and data sources. The data sources are most interesting, as Identity Analytics also lets you analyse the risks from different IGA products and the first one to be supported is Sailpoint. I like this because it gives businesses more options when it comes to their tooling and provides an option to mix and match if you feel you will get more benefit from another vendor's tool for a particular function. It's a tricky road to navigate however, as there is always the possibility that you end up creating Frankenstein's monster.
For those of you who like the sound of IBM Identity Analytics but don't want your data in the cloud, you're also in luck, IBM offer an on-premise version of Analytics!
This is a flexible offering, providing options for on-premise, hybrid, and full cloud options, empowering business to work on each problem (lifecycle, governance, and analytics) at their own pace and with a strategy that suits them. As we know, IAM projects can last a long time as a business gets to grips with where it actually is and while it figures out the best approach for moving it forward. All while trying to justify the value to stakeholders who themselves may be having a tough time seeing the value in a comprehensive and well thought-out identity and governance programme.
All of this, along with the existing Recertification Campaign and Self Care functionality means that IBM Security Verify is starting to shape up into a comprehensive cloud based lifecycle and governance tool.
Contact Us to learn more about how IBM Security Verify can help your business.