The identity market is moving fast, whether it’s in Artificial Intelligence (AI), regulatory changes, IoT, or helping identity managers to make better decisions. To get a sense of what these new trends mean ahead, we spoke to Núria Barceló i Peiró, NXP Team Lead and Manager of Identity & Access management for NXP Semiconductors.
One of the recent things we’ve achieved is to move more of our identity management efforts to SailPoint. One of the companies we acquired was using SailPoint, and it looked more mature than the tools we were using. We took a closer look at SailPoint and decided to move forward.
IdentityNow is cloud-based and helps us to unify identity management across systems and devices. When it comes to identity, we have been replacing our old systems – in one environment we are complete, and we are right now finishing the second environment.
Something that we are quite proud is our being able to offer our people the ability to reset their passwords while not being physically on NXP premises. We are also increasing our use of strong authentication. Other improvements have been simplifying aspects of our identity management. For example, we used to have a lot of attributes defining a user, and there was a lot of historical data that we no longer needed. We decided to take this opportunity and simplify those attributes. This simplification will also help us in the future if we have to upgrade. We also simplified some of the processes, and we have also automated some things that we had to do manually before.
Also, I think the solution right now is much more highly available than what we used to have. For example, in the single sign-on portal, we are much faster now to introduce new applications into the single sign-on portal. So that for us a win-win situation where we are very happy.
The other thing we need to think about is automation and artificial intelligence to provide better security and to help users get the right access. I am interested to know how the market develops in these areas.
The only thing application owners would then need to take care of is when they have a new application. They’d then have to define which groups or roles they’re going to have for that application and then link the required identity management system for provisioning.
I think the difference will be more in the applications, but the application then will make us depend on the roles that the identity has, or, depending on the type, you may decide to allow or not to allow system access. Scale will be a factor here because there will be many more functional identities in the future.