Autonomous Identity: Your Prescription for Reducing Risk in Healthcare

Earlier this year, ForgeRock published our 2020 Consumer Identity Breach Report detailing insights and data on breaches impacting consumers in 2019 and Q1 2020. As highlighted in the report, healthcare was, once again, the most frequently targeted industry (43% of all breaches), personal identifiable information (PII) accounted for the most sought after data type at 98%, and unauthorized access was by far the most common attack vector, responsible for 40% of breaches.
As overburdened healthcare IT professionals work tirelessly to meet the demands of the COVID-19 pandemic, cybercriminals are using the global health crisis to take advantage of institutions by exploiting unauthorized access.
This reality means the healthcare industry must protect against two threats at once. Neither is simple. IT professionals need to ask themselves whether they can identify high risk anomalous access. And just as importantly, explore how AI can help by automating access requests, performing certifications, and predicting what access should be provisioned to users.
Identity Governance and Administration (IGA) solutions fall short in their ability to address the healthcare industry’s risk landscape and cannot meet its demanding and ever-changing requirements. Why? Simply put, IGA solutions don’t provide organization-wide visibility or identity context especially as identities continue to increase in multiple applications and locations (on-premise, cloud, etc.). This leaves your risk and security teams struggling to keep up as they manually provision access privileges and rubber stamp access requests and certifications. Additionally, the resulting operational inefficiencies can leave your teams blind as to who has access to what and, more importantly, why they have access in the first place. So, what’s the cure?
ForgeRock Autonomous Identity is an AI-driven identity analytics solution that can be layered on top of, and integrated with, your existing IGA solutions to provide real-time and continuous organization-wide user access visibility, control, and remediation. Autonomous Identity analyzes all identity data to give you a deeper understanding into the risk associated with user access across the entire organization. The solution ingests vast amounts of workforce, partner, and consumer (patients/members) identity data from existing identity management and governance solutions, identity stores, and user activity repositories to provide wider and deeper insight into the risks associated with user access.
For example, one of the largest healthcare retailers in the United States used ForgeRock Autonomous Identity to bring visibility and contextual insight to their employee records, applications, entitlements, and entitlement assignments. The result was 550,000 entitlement assignments identified for AI-driven automation and clean-up; an accomplishment that would have taken a lot of resources and months, if not years, for IT teams to do manually.
As the customer story above exemplifies, Autonomous Identity enables your risk and security teams to accomplish the seemingly impossible — reducing risk, manual processes, and costs with one solution across your disparate identity enterprise.
To learn more about ForgeRock Autonomous Identity, read Maximize the Value of Your Healthcare Identity Solutions with AI-Driven Identity Analytics or contact us today.