What The Ascent Looks For In Great Identity Management Software
The best IAM software includes a standard set of must-have features, personalized customer support, and transparent pricing. You need to do your research though, because the devil is in the details in these three areas.
Any IAM software you use should include these features:
- Single sign-on (SSO): Users log in once to a single interface to access multiple third-party software applications or websites.
- Multi-factor authentication (MFA): Users provide secondary information such as answers to security questions, OTPs, or biometric information to validate login credentials.
- Password management: IT administrators set and enforce automated policies for password strength, forbidden passwords, and user-generated passwords.
Other useful features include:
- Contextual authentication: AI calculates the risk of each connection to apply MFA on a case-by-case basis.
- Mobile apps and browser extensions: Users access their SSO portals with apps and/or browser extensions to enhance the user experience.
- Corporate and Personal Password Vaults: Allows users to combine personal password vaults with corporate vaults to reduce the frequency of reused passwords.
Most IAM software has self-service resources such as a knowledge base, product documentation, and community forums.
The most critical feature, however, is one-on-one technical support. If you have a significant problem with your IAM software, all of your employees and customers could be locked out of your network. You won’t have time to wade through endless web pages looking for a solution; instead, you need direct live chat or phone support to get you back online ASAP.
Accurate pricing is essential. Even if your initial price per user looks attractive, that can change quickly depending on minimum annual contract costs, additional features needed, and different plans with widely varying feature sets.
Customer support can be another significant cost. Windows Azure Active Directory customer support will likely be at least $1,000/month for mission-critical environments, while Google Cloud Identity includes 24/7 phone support and live chat in its price per user. .
How Your Business Can Benefit From Using Identity Management Software
Beyond its base cost, IAM software can require significant upfront work from your IT department to implement, and users must go through additional steps to securely connect to your network. However, those upfront costs and inconveniences are worth it, as you get multiple far-reaching benefits.
After your products and services, your most valuable assets are digital: business documents, financial information and customer data. Compromised passwords cause 81% of hacks, but MFA blocks 99.9% of these attacks.
Key benefits include streamlined incident response protocols, endpoint detection and response (EDR), and granular network diagram production. If you have a dedicated Network Security Operations Center (SOC), IAM user, login, and activity reports contribute directly to your identity management processes.
The cost of data breaches varies by country and industry, but in 2019 the average cost globally was $3.9 million per breach, which equates to $150 per compromised record. Avoiding even one data breach can cover your IAM costs for years.
Single sign-on saves money by reducing the time employees need each day to log into multiple applications. Of course, it’s not that much on any given day, but recent statistics show that this amounts to 12.5 hours saved per employee per year. If you have 500 employees with an average salary of $50,000, you’ll save over $155,000 per year.
This amount increases even further when you factor in another time-saving feature: self-managing password features that don’t require IT intervention. Each password reset performed by your IT department, for example, costs between $7 and $10.
Improved IT productivity
Greater IT department efficiency is another benefit. Okta claims that its automated IAM tools reduce routine IT support requests by 50%. That doesn’t mean your IT techs have more time to debate the relative merits of star wars versus star trek. (FOR YOUR INFORMATION: star trek is the best.) Instead, they can put more effort into higher-level activities that maintain and protect your IT infrastructure.