4 min read | 13-Apr-2023
Key features to prioritise when selecting/building an Identity platform for organisations

I recently had a discussion with several industry CISOs and was pleased to learn that they are not overlooking Identity Access Management as an automation tool. In my opinion, identity is the most critical aspect for any organization, and without proper identity tools, achieving risk profiling, vendor access controls, and integration with SIEM and XDR to reduce threat noise for the SOC team becomes difficult. The new RBI draft outsourcing vendor policy also emphasizes the importance of identity access management. With the increased attack surface area, I believe that the identity platform will play a crucial role in mitigating and controlling risks. However, some organizations have developed in-house automation tools that are not identity platforms.

In my opinion, organizations should prioritize the following features when building or selecting an identity platform:

  1. Does the platform have risk profiling capabilities for employees, contractors, vendors, and partners?
  2. Is behaviour analytics built into the system to identify high-risk and high-profile users and prevent account sharing?
  3. Can the IAM solution scale to accommodate the company's growth and changing needs, including supporting a large number of users and applications and integrating with other systems and technologies?
  4. Does the platform have the capabilities to manage cloud identities like AWS, Azure, etc. for cloud application access control?
  5. Is the platform adaptive and capable of learning with data?
  6. Is there a reporting system in place to manage audits and checklists?
  7. Can the platform integrate with custom-built applications?
  8. Does the approval process have a recommendation engine that suggests whether to approve or deny access, as most approvals are currently based on gut feeling?
  9. Can the platform provide real-time user access and identify time anomalies based on past history?
  10. Does the platform have the capabilities to work on both cloud and on-premise environments since organizations may decide to move to the cloud in the future?
  11. Can the platform integrate with endpoints, BYOD, and allow access on those devices?
  12. Can the platform provide a single pane of glass for both regular users and privileged users, and offer a consolidated view of access and permissions across the organization?

It is important to note that basic features like joiner, mover, leaver, SSO, and MFA are widely available out of the box and are not included in this list.