The head of the Canadian identity and access management provider talks about challenges IAM faces and new trends

Video interview: N8 Identity

Jay O’Donnell, CEO of a Canadian identity and access management company that counts some of this country’s biggest telecommunications carriers and banks as customers, sits in his chair and recalls what he wanted to do when he graduated from a community college computer course.

 
 “My plans were to do exactly what I’m doing now” — heading his own company. “But I just didn’t know how to get here. So he decided to work for companies to learn how organizations use technology, as well as expand his knowledge of IT. Then he moved into consulting before starting a company that would become N8 Identity Inc.

Twenty years later. has found a niche with its two products: Employee Lifecycle Manager (ELM) and the cloud-based version, ELM Utility.

IAM, O’Donnell says, “is essentially an inventory system of who has access to what in your organization.”

If bringing order out of chaos is the job of IT, one of the more chaotic things that need order is identity and access management.

Too many organizations manage the provisioning of staff accounts for network and application access through spreadsheets or and LDAP directory alone. Yet there’s a dizzying list of things that have to be overseen –getting a new staffer initial login credentials, an email account and access to an approved list of applications (process called onboarding), changing list of apps when the staffer moves to a different post, killing the account when he or she leaves.

And in regulated industries, documentation of all this is now needed. 

Complicating this is the increasing number of cloud-based applications staff are allowed to access on top of on-premise software. Sometimes not only do employees need access to these apps but also business partners and contractors. So organizations are weighing the pros and cons of cloud-based versus on-prem IAM solutions.
Not enough companies pay attention to IAM, says Forrester Research analyst Andras Cser. Most see it as a back-office, IT responsibility that’s a “boring, unprofitable, long arduous process.” Unfortunately, he said, many IAM projects don’t involve staff from the business side, which doesn’t help.
 
But IAM is vital because without knowing who has access to which pieces of data an organization can’t have proper governance, he said.

N8 Identity has seen some success, with customers ranging from BCE Inc.’s Bell Canada, Rogers Communications, Telus Corp. and several Canadian banks. It’s in the middle of a months-long process of rolling out a solution for supermarket chain Loblaws Inc. with its 135,000 employees in over 1,000 stores.

Competitors include giants like Hewlett-Packard Co., CA Technologies, Oracle Corp., NetIQ,  Dell Inc. and Salesforce as well startups like Okta, OneLogin, SecureAuth, SailPoint Technologies, Ping Identity and Aveksa.
 
RELATED CONTENT

“The way large enterprises mange this stuff is very siloed,” says O’Donnell —‘I’ve got a team that does SAP, a team that does Active Directory, a team that does Unix et cetera.’ The problem with that is they don’t have a holistic view what an individual person has access to.”

This is a problem particularly in regulated organizations where not only do certain staff not have access to certain data, for compliance it has to be proved.

The type of organization also plays a role in the solution needed. For example, O’Donnell said, at Loblaws’ headquarters it can take weeks between the time a staffer accepts a job offer and walks in the front door. On the other hand because turnover in a supermarket is so high, onboarding has to be fast – N8 can do it in 15 minutes, he says.

IAM solutions come in various shapes and sizes. Some not only encompass access to IT but also physical access like doors and phones.

Increasingly cloud-based IAM is being considered by enterprises because of its ability to link to on-premise as well as cloud-based applications. As Forrester’s Cser noted in a recent report, cloud IAM can also acted as a broker service between an organization and multiple partners.
 
Cloud also has the advantage of saving organizations money in personnel and maintenance.
Related Download
Cisco Secure Mobility Knowledge Hub Sponsor: Cisco
Cisco Secure Mobility Knowledge Hub
This Knowledge Hub provides an end-to-end look at what it takes to discover, plan, and implement a successful Secure Mobility strategy.
Learn More
Share on LinkedIn Share with Google+ Comment on this article
More Articles