Cherwell IT Service Management Blog
Resources, Best Practices, and Solutions for ITSM Pros

How Identity Access Management (IAM) Makes ITSM Better—And Why They Belong Together

Posted by

securityblogThe goal of the IT organization is to create and protect business value. The “create” element is widely understood; the IT service management function demonstrates value through the support and delivery of high-quality, cost-effective services that enable the business to meet their goals and objectives. The better the support and delivery of services, the faster the business can go.

The “protect” element however, requires the IT organization to demonstrate the value of control, which can be difficult because oftentimes the tighter and more restrictive the controls, the slower the business is able to move.

This trade-off is not an acceptable one. The business needs to move quickly, with adequate controls in place.

One of the most common intersections of ITSM and Security is with Identity and Access Management (IAM). IAM works to make sure the right people have the right access to the right resources to perform work on behalf of the business. Poor IAM capabilities can spell big trouble for the business. Conversely, sound IAM practices and technologies can reduce costs and better enable business agility.

Business users have a constantly changing array of needs as members and contributors to a company. When the right people don’t have the right access, the common practice for many organizations is to contact the IT service desk to request access, which initiates a process workflow to verify whether, in fact, the requestor should be granted the access they desire.

And then the funs begins…

Tweet this: Sound IAM practices and technologies can reduce costs and better enable business agility. 

IAM-ITSM Deconstruction

Over 40% of contacts to the IT service desk are related to password reset (a subset of IAM). IT organizations looking to reduce costs and improve efficiency must begin by establishing access request processes and workflows to effectively manage the largest percentage of contact volume. However, there are other IAM processes that can be automated, such as user provisioning requests and the enforcement of group policy to ensure groups include the right members.

From an ITSM perspective, focusing on access requests and password reset provides the necessary controls, but has historically sold the value of IAM short. Security professionals designed their own custom portals to manage requests that many users found to be daunting, thus driving low utilization and subsequent return on investment.

IAM-ITSM Value Redefined

IT organizations can better demonstrate the value of IAM in an ITSM construct. Most organizations would benefit from creating a distinction between business user requests made via an ITSM solution versus those made via an IAM system. This can be accomplished using the ITSM solution to manage all incidents and requests not associated with users, while the IAM system can handle all self-service and automated requests tied to user accounts. This approach will result in fuller automation, more productive users, greater cost savings and a better use of IT staff.

Granted, users request services from all areas of an organization. Many of these requests can now be automated through open APIs to enterprise applications and cloud apps. Identity and access management systems leverage these APIs by providing connectors for automating requests. IAM solutions are built with a business user focus and intuitive interfaces, and IAM self-service portals look and feel similar to consumer-oriented online experiences such as e-commerce, email and app stores. In leveraging shopping carts and familiar online experiences, business users are more likely to embrace the mindset required to adopt self-service and fully return the value.

Tweet this: By leveraging familiar online experiences, users are more likely to adopt a self-service mindset and return value.

IAM-ITSM Efficiency

With user-centric identity and access management systems, IAM is positioned to govern over service catalog requests as part of the user management lifecycle. In fulfilling ITSM requests, IAM systems can open tickets in the system so one interface can be used for all requests. A single portal for users simplifies processes to ensure greater efficiency. With self-service IAM, automated ticketing captures efficiency gains by reducing a help desk’s time to close tickets.

When you deploy an ITSM solution, think innovatively about ways to improve upon the management of costs, controls and security. Identity and Access Management can improve service management in these areas by making users more efficient through self-service and automation.

In doing so, an IT organization can deliver on its promise to produce—and preserve—as much business value as possible.

To learn more ways IT can deliver value to the business, don’t miss our eBook, 7 Essentials that Raise IT’s Value to the Business.







About the Author: With over 20 years in technology automation, Corey Merchant, Vice President of Sales for Avatier Corporation, oversees global sales and business development serving international companies.