ROBOTICS DRIVEN

AUTOMATION
FOR SMARTER
IDENTITY AND
ACCESS MANAGEMENT
SOLUTIONS
The potential that
Robotics Process
Automation (RPA)
promises to bring in
through simplification
of IAM processes is a
commendable advantage
to deal with enterprise
security, governance and
compliance challenges.
RPA brings down manual
intervention by automating
routine tasks and building
an integrated platform.
Enterprises have been investing relentlessly in
technologies to address the changing business landscape.
The focus remains accelerated business growth driven
by processes, competencies and operating models.
With the larger aim of bringing in digitalization within
enterprises to address the need of customers, chief
digital security officers realize the value of Identity and
Access Management solutions to manage the resources
across the diverse technology sets.
An Identity and Access Management (IAM) solution
is central to building a connected workplace where
information sharing is liberal yet needs close monitoring
and user restrictions. A modern enterprise ecosystem
consists of stakeholders who not only belong to the
employee community but also outsiders who need
access to corporate databases and applications on a
regular basis. With vendors, suppliers and customers
all becoming an integral part of the overall value chain,
having a distinct enterprise perimeter does not work in
most cases as organizations move their applications and
workloads to the Cloud and in a business environment
where there is a heterogeneous mix of the user and
technology element, managing user identities and access
privileges becomes a prime imperative.

The next level of conversation within enterprises is centered around

empowering employees with digital technologies; Identity and Access
Management becomes a foundational element of any security program

2 Robotics Driven Automation for Smarter Identity and Access Management Solutions
THE MOVE TOWARD NEXT GENERATION IAM SOLUTIONS

IAM as a technology concept was initially started to human error and improve efficiency. IAM became
address the need of access management and related a part of overall enterprise strategy, which included
compliance needs. The deployments that happened every type of user. With an aim to develop more
earlier across enterprises were intelligent solutions, IAM vendors
largely ad-hoc and project IAM solutions evolved over time, started imbibing next-generation
based. Network administrators nonetheless were challenged technologies like automation into
considered using an IAM products. A single product that
with simplicity, automation,
solution only for providing caters to all enterprise needs from
integration capability and
provisioning rights for isolated compliance requirements to identity
operational efficiency
systems. However, given the management, access certification
high cost of the solutions, and infrastructure management was
enterprises failed to lower the TCO and make it an developed that created better value proposition. The
enterprise wide solution. best IAM solutions would have a single pane of glass
for access management with seamless integration with
The next wave of IAM solutions saw deployments being
existing technologies and minimum human intervention.
made across the enterprise. Organizations realized
the need to replace mundane job processes to avoid

Exhibit 1: The shift toward an Automated IAM Solution

Solutions Trends Solutions Trends

• Ad-hoc deployments, IAM • Complete Enterprise-wide

solutions deployed only for
isolated systems and applications
• Only compliance driven
deployment
• Largely manual IAM processes
• Focus on provisioning technology
Customer and Adoption Trends
• High compliance value and cost
• Higher TCO
• Low on benefits
• Use cases mostly for large
enterprises
deployment
• Single suite of IAM technologies
• Shift from manual to semi-
automated IAM processes
Up to • Improved technology capability
2017 that is based on next-gen
technologies of AI, ML and
2018 and
Automation
Beyond
Customer and Adoption Trends
• Low cost of solution acquisition
• Single pane of glass for access
• Low TCO

Moving toward an Intelligent, Context Aware, and Automated IAM Solution

Source: Frost & Sullivan

Robotics Driven Automation for Smarter Identity and Access Management Solutions 3
WHY LEGACY IAM SYSTEMS FAIL TO WORK IN TODAY’S CONTEXT?

Enterprises do understand the value of IAM solutions. They have been using such solutions for quite some time;
however, have not reaped benefits to a large extent. Security breaches happen frequently due to inability of the
traditional IAM solutions to deal with today’s enterprise needs.

Listed below are the challenges enterprises deal on a regular basis while handling IAM solutions:

Exhibit 2: Top 5 Drawbacks of Traditional IAM Solutions

IAM SOLUTIONS NOT MEANT FOR TODAY’S HETEROGENEOUS IT INFRASTRUCTURE

01 The modern enterprise infrastructure includes Cloud Applications, Virtualization, Software Defined
Architectures, etc. which makes it difficult for enterprises to manage identities

LIMITED INTEGRATION CAPABILITY

02 Enterprises find it challenging to integrate IAM solutions with existing IT infrastructure

TIME CONSUMING

03 Most traditional IAM solutions are time consuming; the on-boarding and off-boarding process becomes a
challenge and employees don’t get access to applications needed to perform their jobs on time
REQUIRES HIGH LEVEL OF HUMAN INTERVENTION

04 Traditional IAM solutions require resources to manually define and process Identity and Access Management
norms which becomes a daunting task when it comes to large and diverse organizations

COMPLEX USER INTERFACE

05 Most IAM solutions have a complex user interface which makes it difficult for Security Professionals to take
advantage of the solution

Source: Frost & Sullivan

To deal with these aforementioned challenges, enterprises resorted to multiple ways of IAM deployment.
This includes semi-automatic IAM systems, use of file transfer based integrations and functionality compromises.
While, these solutions help ease IAM processes to a certain extent, enterprises still could not completely benefit
from these deployments.

Exhibit 3: Operational Challenges of Commonly used IAM Deployments

DEPLOYMENT MODEL CHALLENGE

Use of manual teams along with workflow engine for

SEMI-AUTOMATIC IAM SYSTEMS
access provisioning/deprovisioning

Good from a compliance perspective but not ideal for

USE OF FILE TRANSFER BASED INTEGRATIONS
risk mitigation or efficiency

FUNCTIONALITY COMPROMISE Focused on access review but not for access provisioning

Source: Frost & Sullivan

4 Robotics Driven Automation for Smarter Identity and Access Management Solutions
BUILDING SMART IAM SOLUTIONS: THE TRANSITION TOWARD
ROBOTICS DRIVEN AUTOMATION

THE NEED TO AUTOMATE THE ADVANTAGES OF ROBOTICS

IAM solutions have been fast evolving to help
organizations meet the needs and expectations of
enterprises. User actions like viewing or editing a
document need to be closely monitored depending on
the role of the individual within the organization. Features
like Single Sign On (SSO), Multifactor Authentication
(MFA), Lifecycle Management, Governance and
Privileged Access Management (PAM) have become
a frequent activity for managers. Methodologies like
Provisioning, De-provisioning, Directories, Authentication,
Authorization and Auditing are being used for Identity
and Access Management purposes. The need to simplify
these frequently used processes has been realized and
enterprises are looking to automation as an easy way out.
Automation helps IT teams create and manage identities
and avoid manual error.
Exhibit 4: Why to Automate IAM Processes
Limit manual intervention and error
Ease up IAM processes by simplifying tasks
Excellent for fast changing identity and
access requirements within enterprises
DRIVEN IAM
Robotics Process Automation (RPA) mimics human
behavior to perform routine human tasks which
otherwise require lot of human energy. It helps
automate IAM processes that are repetitive, rule
based and do not require human intelligence. The
IAM system uses software that recreates repetitive
steps by pulling out information from one system
and takes action based on user request, data and
expected outcome.
Identity Governance and Administration (IGA) is
another area which benefits from RPA. Functions
in IGA like provisioning/deprovisioning, password
management, role and access management,
certification, which are traditionally manual, often
work in isolation. Putting connectors across all
of these is a daunting task which requires heavy
investment. Siloed processes are error prone and
expose enterprises to a cyber-attack. Use of RPA
helps streamline multiple identity governance
processes by building a centralized platform and
talking care of the overall compliance, security and
risk posture.

Ensure streamline operations

Build Just-in-Time IT Systems

Better manageability of Employee Lifecycle,

Process Requests, SSO, MFA, Password
Management, etc.

Highly scalable and flexible

Source: Frost & Sullivan

Robotics Driven Automation for Smarter Identity and Access Management Solutions 5
Exhibit 5: Difference between Traditional IAM and Robotics Driven IAM
TRADITIONAL IAM
Takes a discrete approach toward Identity and
Access Management
Repetitive coding
Manual Configuration
Doesn’t function in a heterogeneous IT infrastructure
Complicated processes with high manual intervention
CHOOSING THE RIGHT IAM SOLUTION
To unsheathe the benefits of RPA in IAM processes, it is
important that enterprises partner with the right service
provider. IAM is an integral part of the security strategy
and choosing an IAM solution that addresses the need
of organizations is fundamental. It should be ensured
that the IAM solution should have useful functions like
MFA, One-time Password (OTP), third-party vendor
access management and monitoring and shared account
personalization features for administrators. The solution
should have proactive incident response capability for
an event of identity or access breach. Compatibility is a
common challenge and the IAM solution that is chosen
should integrate with network architectures, operating
systems and SIEM systems used by the organization.
With innovations replacing traditional IAM solutions,
vendors have equipped themselves with latest technology
sets like RPA and Threat Intelligence. This gives an
excellent opportunity for customers to bank on these
vendors who understand enterprise challenges and work
together by using next-generation technologies. Solutions
should be user friendly automating repetitive jobs only
to reduce human intervention and error percentages.
6 Robotics Driven Automation for Smarter Identity and Access Management Solutions
ROBOTICS DRIVEN IAM
Takes a platform approach that addresses the need of
identity management, access certification, infrastructure
management and compliance
Code once
Auto configuration generation
Suited for modern infrastructure which includes Cloud,
Virtualization and Software Defined architectures
Easy on-boarding and Life Cycle Management
Source: Frost & Sullivan
An IAM solution driven by RPA is an invention that
makes Identity and Access Management dependable for
enterprises.
Exhibit 6: Key Questions to Ask while
Selecting an IAM Solution
How critical is an IAM solution for Enterprise and how
can we benefit from the latest innovations in IAM?
What applications do we need our IAM solution
to integrate with or support?
Do we need to use an On-premise, Cloud or
Hybrid Solution?
Can we scale up/down the solution as per our
needs and is the solution ready to cater to the fast
changing technology landscape?
Source: Frost & Sullivan
Enterprises should not merely select an IAM
vendor but partner with a provider who builds
their solution based on next-gen technologies
that automate processes and minimize
manual involvement
ROBOTICS DRIVEN IAM FROM AUJAS

Aujas is one of the fastest growing cyber security firms in
the world. It has been instrumental in working closely with
customers to build and transform cyber-security posture to
enable business and mitigate risks. The company’s focus on
strengthening security resilience by reducing the consequence
of attacks, threats and risks has earned confidence among
enterprises. Driven by a strong leadership team who
understands and tracks the cyber-security market closely,
Aujas has been working relentlessly to protect businesses.
Today, the narrative is built around “IAM with Robots”.
Routine tasks are being automated making it easier to
provide identity and access control along with better
governance. Aujas starts by classifying applications in
accordance with the level of integration that is needed
with IAM. This is in turn a function of ease of integration,
number of users and business/compliance criticality. Based
on this function, the team decides the optimal level of
application integration needed.

In the process of working with enterprises over the last
few years, Aujas has comprehended the various challenges
that organizations have to face regularly. CISOs have been
struggling to minimize human error within IAM processes.
Efficiency has always been questioned; siloed processes
have mostly been missing. Repetitive tasks are being
performed by human beings which is a loss of time and
effort. To address these challenges, Aujas has introduced
the power of RPA in IAM solutions.
As a part of quick application onboarding, Aujas utilizes the
assembly line approach (see exhibit below) for integration
of applications. It uses automation for requirement
processing and configuration upload with failsafe manual
methods. Aujas in partnership with Sailpoint has been
working toward introducing capabilities for setting up a
native integration factory.

Exhibit 7: IAM Rapid Application Onboarding; the assembly line approach for integration of applications

01 02 03 04 05 06

Requirement Production
Uncategorized Configuration Confirm Independent
Gathering and Ready
Apps Upload Reconciliation Testing
Processing Integrations

SailPoint based RA Directly METHOD 1

PALM API
SAM linked from PALM based export to
Bronze Sailpoint
Other Apps (subject to version
RA from limitations)

existing METHOD 2
Integrations PALM xml
compatible with
Sailpoint UI based
setup

METHOD 3
PALM export for
UI based import
into Sailpoint

Source: Aujas

Robotics Driven Automation for Smarter Identity and Access Management Solutions 7
Aujas leverages an integration factory approach using The IAM integration factory has now become Aujas’
Platform for Access Lifecycle Management (PALM) to default approach for app integration for any initiative
achieve application onboarding goals. In this approach, with more than 50 apps in scope. The company uses
every app goes through standardized tasks much like this approach to/for:
components in a factory assembly line.
• Complete role profiling for enterprise apps
The IAM Application integration factory brings in assembly
• Generating access packets
line predictability, efficiency and automation to the process
• Capturing workflow requirements
of integration of applications with IAM systems. The
IAM Integration Factory has been used to expedite the • Robotics integration
integration process by 5x on an average. The Integration
• Auto-generation of IAM code
Factory is a set of processes, methodology and tools that
• Manual validation by engineers
can be utilized with various IAG solution environments.

8 Robotics Driven Automation for Smarter Identity and Access Management Solutions
THE SOLUTION OVERVIEW

Enterprises need to adopt IAM solutions to move beyond compliance and address the
pressing need for identity management, access certification and infrastructure management

Exhibit 8: IAM use-cases for Robotics Driven IAM

Various IAM Use Cases from Aujas

User Identity Privileged Identity Access IAM Infrastructure

Management Management Certification Management

Identify, remediate Periodic password Access data collection Maintain periodic back
orphans, terminations, rotation and validation up and cleanup
Run access data
transfer
sign-off process Scheduled maintenance
Discovery and
Reconcile user inventory accounts of applications and
Prepare data for
accounts and accesses servers
certification
Bulk actions (ex: Monitor account Monitor SSL certificates
Report distribution
create test accounts) usage for renewals
Launch post campaign
activities Regularly monitor
Periodic distribution of
Report distribution heap, syslog, and
reports Closed loop connections
revocation

Source: Aujas

Aujas IAM solutions are highly automated which help in solutions leverage automated rule based techniques to
faster integration with businesses enabling operational deal with repetitive tasks and eliminate human error.
efficiency and better cost management. The solution
Aujas Robotics Driven IAM finds excellent use cases
does not use product level connectors or adopters
within enterprises. Companies are often challenged by
which are expensive and instead uses robotics to
the need to have a unified and standard method for
automate and link IAM tasks to address the growing
access request. Business wants cost effective compliance
need of user identity and access requests. Aujas IAM
and de-risking by auto de-provisioning. The larger goal

Robotics Driven Automation for Smarter Identity and Access Management Solutions 9
remains quick deployment of IAM solutions and elimination of manual operations. Aujas provide enterprises with a
unified platform for access request management, auto generation of app request forms, auto deprovisioning, RPA
driven IAM provisioning ops and audit trails for easy compliance checks. These help enterprises to digitalize and
standardize approval processes by eliminating human errors. Outcome is fast as the solution is made live within
100 days for 100 applications against traditional timelines of years. Robotics Driven IAM from Aujas is endpoint
independent and meant for a large variety of applications.

Exhibit 9: Aujas Robotics Driven IAM Process

Leverage custom developed Review automation

automation frameworks along objectives and the
with other standard frameworks need to build IAM
offered by UiPath, BluePrism, systems using robots.
PyRobot, SailPoint 11Q, AzureAD,
IBM IGI, and RSA Via L&G

Devise robotics
driven managed
services for IAM ROBOTICS Setup
of IAM

DRIVEN
with the transition
integration
from human
factory
serviced to bot
serviced tickets IAM

Design RPA IAM

integration architecture Establish use cases
& Robotics Identity for automation of
Management IAM Operations
Framework using robotics

Source: Aujas

10 Robotics Driven Automation for Smarter Identity and Access Management Solutions
THE UNIQUE DIFFERENTIATOR AND elements like current questionnaire, current internal
VALUE PROPOSITION CSAT, description writing standards, etc. are being
analyzed. The transition phase is governed and
The expertise and experience that Aujas as a company
executed by an experienced team of Onsite Tech-leads,
brings to customers is considerably unique.
Off-Shore Project Managers, Business Analysts and
The Integration Factory approach used by Aujas
Lead Engineers. Aujas’ unique differentiator lies in the
PALM provides up to 85% efficient app integration for
seamless IAM onboarding and integration experience
enterprises. PALM syncs well with other systems in the
that it offers to global enterprises. The company has
enterprise ecosystem, is workflow driven and furnishes
over 130+IAM practitioners with implementation
accurate dashboard, statistics and reporting. Rapid
experience using specific IAM products. The team
integration approach with PALM solution takes around
has the capability to deliver hybrid-onsite and remote
16 days of analysis and 2 days of IAM configuration
service delivery. The company runs an IAM Center
development.
of Excellence (CoE) to drive innovation. Aujas is
Aujas takes into consideration a multi-track approach
technology versatile with strong partnerships with all
for the transition plan. The entire transition phase
leading IGA, Access Management, Privileged Identity
comprises multiple parallel tracks where critical
Management (PIM) and Full Suite IAM vendors.

THE WAY FORWARD IN IAM

The future of Robotics Driven IAM would involve cognitive technologies

like Machine Learning (ML), Speech Recognition and Natural Language
Processing (NLP). Robotics is likely to imitate human behavior and
over time become more accurate, faster and foolproof. Human
intervention would be further reduced and efficiency would reach
newer heights. Analytics combined with AI would provide contextual
insights into breach management thereby strengthening Identity and
Access Management processes. While complete automation is not
possible today, the future of IAM would be built around next generation
technologies thereby making enterprises “Go Smarter”.

Artificial Intelligence would transform IAM into an

intelligent security solution and change the way user
identity and access privileges are being managed,
monitored and controlled

Robotics Driven Automation for Smarter Identity and Access Management Solutions 11
ABOUT FROST & SULLIVAN

For over five decades, Frost & Sullivan has become world-renowned for its role in helping investors, corporate
leaders and governments navigate economic changes and identify disruptive technologies, Mega Trends, new
business models and companies to action, resulting in a continuous flow of growth opportunities to drive future
success. Contact us: Start the discussion.

www.frost.com

ABOUT AUJAS CYBERSECURITY

Aujas cybersecurity is a pure-play cybersecurity services company with deep expertise in Identity and Access
Management, Risk Advisory, Security Verification, Managed Detection and Response and Security Engineering
services. Our unique products and services help businesses build and transform security postures while mitigating
risks. The service focus is to strengthen security resilience by minimizing the occurrence of attacks, threats, and risks,
so that you drive change, innovate, and accelerate growth.

For more information, do visit us at www.aujas.com You can also write to us at [email protected]

©Copyright 2019, Aujas Cybersecurity. All rights reserved.

No part of this document may be reproduced, stored in a retrieval system, transmitted in any form or by any means,
electronic, mechanical, photocopying, recording, or otherwise, without the express written permission from Aujas
Cybersecurity. The information contained herein is subject to change without notice. All other trademarks mentioned herein
are the property of their respective owners.

12 Robotics Driven Automation for Smarter Identity and Access Management Solutions