Identity and access management (IAM) vendor ForgeRock said it will start rolling out its new Identity Governance offering — a cloud-based security and governance product designed to provide one-stop shopping for organisations looking to solve access management issues.
There are three main components to ForgeRock’s newest IAM product, according to the company. The first, comprising access certifications, provides AI-generated recommendations to decision-makers on whether to grant access to a given system to users or applications.
The second component, which deals with access requests, offers automated application access and an automated, always-on self-service portal.
Finally, Identity Governance provides a “segregation of duties” feature that is designed to aid in compliance with regulatory requirements.
The system runs on ForgeRock’s own Google Cloud instance, which means that no hardware or even cloud workloads run on the user’s own systems — the entire platform operates remotely.
“This means you get the horsepower to process millions of permissions per minute without worrying about a noisy cloud neighbour obstructing your workload,” the company said in a blog post.
The idea is to address problems in security, onboarding, and the vast increase in the complexity of the application environment driven in part by hybrid workers. Trying to handle every low-level service request and onboarding task manually is simply not an option for many companies.
Automating them, then, and providing a unifying framework for several different parts of the identity and security governance equation, is an attempt to dramatically lessen the workload for IT security teams.
“Technologies that help IT teams govern application and data access at scale have become increasingly important to enterprise security strategies,” said Google Cloud director of product management Irina Farooq, in ForgeRock’s announcement.
The AI/machine learning part of the ForgeRock Identity Governance platform can even go above and beyond making simple recommendations, according to the company – automatically paring down excessive permissions granted to particular accounts and flagging potential issues for immediate attention from IT staff.
It’s a product of the company’s earlier investments into AI technology, ForgeRock’s blog post noted, and an outgrowth of its Autonomous Access product, which applies automated decision-making to (as the name suggests) identity access requests, and which was released in May of this year.
ForgeRock said that the access certifications component of the platform will be the first available, as of “the beginning of 2023.”