Streamlining user access reviews for disconnected applications : A scalable framework
Abstract
In large organisations, managing user access reviews for hundreds of disconnected applications (applications not integrated with central identity governance and administration [IGA] solutions) remains a daunting challenge. Traditional role-based access control models ensure authorisation but often fail to maintain least privilege for disconnected systems due to integration complexities.1 This paper proposes a scalable and customisable framework for user access reviews for disconnected applications that bypasses the time-consuming and arduous task of application integration. The framework is split into pre-certification, certification and post-certification stages and leverages Python scripts to streamline reviews. The tool is deployable with or without an IGA solution, reduces risk and meets audit needs, offering identity and access management practitioners an efficient path to govern access across diverse systems. This article is also included in The Business & Management Collection which can be accessed at https://hstalks.com/business/.
The full article is available to subscribers to the journal.
Author's Biography
Vatsal Gupta is a senior identity and access management (IAM) Architect at Apple, where he focuses on designing scalable, secure IAM solutions. His interests include policy-based access control, identity governance automation and artificial intelligence-driven cyber security in industrial systems. He holds a Master of Science in management information systems with a focus on cyber security and system design from Texas A&M University. Vatsal is a Senior Member of IEEE and an active contributor to IDPro. He serves on the advisory board of EC-Council and is a reviewer for ISACA Journal.
