Role-based access control (RBAC) is essential in almost all enterprise organisations. This especially applies in highly regulated organisations such as companies in the financial services sector. Even when tightly defined, RBAC takes time and effort to both set up and manage. Tools like Microsoft Entra ID (formerly Azure Active Directory) make RBAC easier through robust identity and access management (IAM). It does this while also enhancing the user experience.
And then along comes a platform, system, or solution that promises to solve critical business challenges and/or drive forward key business objectives, but that doesn’t support your RBAC protocols. For example, a system that doesn’t support Entra ID.
In these situations, you have two choices:
- Implement the system to benefit from its capabilities while compromising your tightly controlled RBAC and IAM policies.
- Keep your well-structured RBAC and IAM protocols, but lose the potential benefits of the new system.
Neither choice is a good one.
(Here’s a sneak preview of the conclusion of this blog: Access IT Automation’s products, Access Capture and Access Symphony, both support Microsoft authentication technologies, including Entra ID. This means you can benefit from the advantages of our automation technologies without compromising RBAC or IAM.)
A Question of Compromise
If you choose to implement a system that doesn’t support your RBAC and IAM protocols, compromised access control and identity management are not the only downsides. Administrative complexity also goes through the roof, and the benefits of robust RBAC and IAM get seriously watered down.
The Robust & Consistent vs Compromise & Complexity Table
| Benefits of Robust RBAC & IAM | What Happens When You Introduce Unsupported Systems |
|---|---|
| Utilise a unified and centralised approach to access and identity governance. | Identity and access management becomes fragmented. |
| Easier and more reliable management with a simplified and consistent approach. | Increase in complexity with additional account provisioning, deprovisioning, and access reviews. This leads to an increased risk of inconsistencies. |
| Benefit from the security of user experience features of Entra ID, including single sign-on and multi-factor authentication. | Users have to remember additional credentials, resulting in a poor user experience, increased password hygiene risks, and greater security vulnerabilities. |
| Built-in compliance and governance for streamlined auditing and reviews. | Not being able to use the governance tools in Entra ID creates gaps in identity reviews and audits, creating compliance risks. |
| Only one system to administer. | Manual workarounds can be developed, but they are prone to error and difficult to maintain and keep up to date. |
We've Got This
At Access IT Automation, we work on many POCs (proof of concept projects) for enterprise customers before embarking on scale-up implementations. When looking at POCs, IT leaders inevitably calculate the additional work that will be required by their teams to implement the new solution. They will also assess how far outside their policies and protocols they will have to go to make the solution work.
When we demonstrate our products to customers in POC presentations, there is a clear sense of relaxation when IT leaders see Microsoft authentication technologies like Entra ID being used to access Azure instances of Access Capture.
They see the seamless, friction-free user experience for the creation of app packages or to access VMs to UAT test and publish apps to Azure-based deployment systems such as Intune.
They see zero additional access control and identity management requirements.
And they see zero compromise on compliance, security, or governance.
Because of the way we have developed the architecture of Access Capture, the product seamlessly aligns with all Microsoft RBAC and IAM features, enabling application management automation within your existing controlled and secure IT environment.
Do you want to see it for yourself? Get in touch today to book a demonstration.
