ForgeRock Identity Governance

As a comprehensive AI-driven Identity Governance solution, organizations can collect and analyze identity data (e.g. accounts, roles, attributes, entitlements, and more) from diverse identity data sources (e.g. identity governance, identity management, infrastructure, and more) in order to provide enterprise-wide user access visibility. Combined with simplified access requests, approvals, segregation of duties policies, certifications, and role mining capabilities, enterprises can fully automate the entire identity lifecycle for creating, managing, and restricting identity access to accounts, systems, applications and infrastructure.

ForgeRock Identity Governance works with all existing identity data types to develop a complete view of the user access landscape. By consuming and analyzing tens of millions of data points, the solution can predict and recommend user access rights and highlight potential risks. Total landscape visibility provides highly accurate models on what good access should and should not look like. Unlike other "black box" IGA solutions, that are based on static rules, roles, and peer group analysis, ForgeRock Identity Governance relies strictly on organizational data to develop an analysis that is free from any bias that might come from human-derived rules and roles that exist in your existing identity governance solution.

ForgeRock Identity Governance's extensible data model allows organizations the flexibility to manage multiple identity types, including: customers, partners, workforce, citizens, machines, devices, bots’ APIs, applications, microservices, and more. Combined with a highly intuitive user interface (UI), administrators can visually define policies based on the contextual relationships between any persons, non-persons, services, and things. This intelligence-based approach allows organizations to automate identity orchestration across the entire identity lifecycle.

With ForgeRock Identity Governance, users can access the highly intuitive self-service access request UI or a RESTful applications programming interface (API). Based on AI-driven analytics and recommendations, user access requests can be automatically approved and provisioned without manual, human review and fulfillment. This automated process ensures users are productive from day one while reducing help desk calls and tickets, thus increasing operational efficiencies and lowering security and IT workloads.

ForgeRock Identity Governance allows organizations to perform access certification reviews on a periodic schedule, event- based, and even ad hoc. While traditional identity governance solutions recommend annual or bi-annual reviews, ForgeRock Identity Governance ensures organizations achieve continuous compliance by leveraging AI-driven identity analytics. Organizational actors – application owners, supervisors, administrators, and others – can take corrective action based on AI-driven analytics-based remediation recommendations, such as revoking stale user access rights and automatically removing them. By automatically approving and certifying high-confidence and low-risk access requests, enterprises can reduce operational burdens and accelerate certification campaigns across the entire organization.

ForgeRock Identity Governance allows organizations to define security policies to ensure that toxic access combinations never happen. With AI-driven analytics, security and IT professionals can evaluate segregation of duties (SOD) policies during the access request process as a preventative control to ensure violations or improper access grants do not occur. Combined with the ability to schedule policy evaluations, organizations can proactively scan all identity data as a detective control in order to find rogue accounts or inappropriate user access. By automating policy enforcement, enterprises can reduce security access risks and maintain regulatory compliance across the entire organization.