According to an IDC white paper, the total amount of data created, captured or replicated by homo sapiens will reach up to a mind-boggling 175 zettabytes in 2025. Even though this number also includes (many!) cat videos on YouTube and TikTok, it’s clear that also the data part that is relevant for corporate businesses and SMEs is growing rapidly. In fact, it’s not just the volume that is growing, but also the importance…
Before we move any further, let’s try to digest this 175 zettabytes number. A terabyte is about 1.000 gigabytes. Likewise, 1.000 terabytes form a petabyte and 1.000 petabytes equal an exabyte. Finally, a zettabyte is 1.000 exabytes. So 175 zettabytes – give or take a few bits – equals 175 trillion gigabytes. If you captured all this data on DVDs, you would need 23 piles of discs, all reaching from the earth to the moon. Gasp.
In organisations, it’s clear that data is important for marketing purposes and other fields like identity and access management (IAM). However, there is a distinction between data being important and being valuable. Data has the potential to be valuable, but the actual value largely depends on the processing that was – or was not – applied to the data.
For instance, if IAM data is used to its full potential, it helps to prevent threats by identifying high risk areas – such as a list showing you the orphaned accounts in your company – that need your attention. The same data can also help you automate typical IAM processes like access requests and access assessments, which are otherwise very time consuming. However, if no processing is applied, you just have a pile of IAM data about identities and accounts in which you will hardly (or not at all) find the relevant information.
According to a study by Forrester, 74% of the companies want to be data driven, while only 29% manage to do so successfully. Companies that are less successful in this area often don’t manage to convert their raw data into actionable insights.
Three stages of data
Actionable insights – meaning that your organisation gains insights (based on analysing data) which can be used to move the business forward – are considered to be the holy grail of data. So the question is how to squeeze those insights from your data.
Simply put, you need to extract information from your data and subsequently use this information to gain (actionable) insights. It’s a three-stage production process, starting with raw data:
Without further processing, raw data is pretty useless. It’s in fact nothing more than a pile of facts in the form of numbers and text. In current times, data is mainly stored in computers.
Information is raw data that has been consolidated (from multiple sources), processed and converted into a more human-friendly format. Information provides context – as opposed to raw data – and is often presented in a graphic manner.
By carefully analysing the information and drawing conclusions, you will finally gain insights. However, some insights are more valuable than others. Insights that answer questions are beneficial, but what you really want are ‘actionable’ insights that can influence decisions, make you rethink something and drive change.
It is therefore clear that the collection and analysis of tons of data are only necessary means to achieve an objective. What really matters is enabling your business to take the right actions.
Man versus machine
Collecting data is mostly taken care of by automated processes that hardly need any human intervention. Human brains are only needed to decide which data needs to be collected and how to get the job done within the regulatory framework.
However, converting raw data into information and insights is a different matter. It’s true that human beings are able to track relevant patterns in a pile of data, but it takes lots of time and it’s an unpleasant and numbing activity altogether.
As the amount of data continues to increase, it is no longer feasible – also in an economical sense – to do this manually. Imagine a company with a staff of 5.000 of which a significant number regularly moves to another function in the same or another department. This means that a lot of roles and jobs need to be assigned and/or created, each having their own set of permissions. In such a situation, it’s just not feasible to keep track of all permissions, let alone to know who has more permissions than they should.
Human brain boost
Augmented intelligence – which is not a replacement for human intelligence but rather a complement – brings the solution. If done properly, augmented intelligence assists by taking on the repetitive tasks, leaving more time for humans for analysis and for working out creative solutions. Augmented intelligence – and machine learning in particular – is capable of analyzing huge amounts of data and discovering patterns and correlations in this data that would go unnoticed to human analysts.
Improve your IAM strategy with augmented intelligence
In order to efficiently process data which is related to identity and access management, augmented intelligence can be deployed in the form of a virtual assistant. On the condition that you use the right tools, this assistant digs through all of the consolidated data in a very productive and meticulous fashion and can also set up automated security controls. All of this will – for example – result in a list showing all accounts that haven’t been used for the last six months. Such a list is quite important, as it gives you a clear overview of all the orphaned – and therefore vulnerable – accounts in your organisation.
The same assistant can also detect people in a team that have more access rights than other people in the same team. Even if you don’t know the reason for this – probably because those people were transferred from another department where those access rights were necessary – this information will help you to improve your identity and access management.
At a later stage, the newly acquired insights can also be translated into recommendations or rules regarding whether or not to grant access to a person. This can often be fully automated (e.g. employees that are part of a certain department may never have access to a certain application) so that specific access requests will automatically be denied.
Meet your new assistant
Elimity developed a very capable digital assistant in the form of the Elimity Insights Saas platform. Insights uses powerful augmented intelligence, enabling you to spot data related vulnerabilities in your organisation. This will help you to make smarter decisions on long term data strategies regarding data safety and regulations and standards like GDPR, NIS and ISO. More on Elimity Insights here.