Introducing HelmsBoard™ Analytics Dashboard for SailPoint’s Identity IQ
Enterprises are increasing their usage of platforms which aggregate business critical statistics. Real‐Time Data Dashboards are a means to bring business significance to this deluge of information.
Identity Management best practices require usage and compliance reporting to judge SLAs, as well as the volume and effectiveness of resources expended to separate areas of the business. Historically, a technical knowledge of IAM platforms is required to translate data into a meaningful business context.
Organizations require a data aggregation solution tha. is integral to the operations of identity management processes. Solutions, for example SailPoint. offer a high degree of control of the lifecycle of identity data for an organization. As IAM/IDM deployments have grown in sophistication, their scope has expanded as well. Typically, these deployments sought to replace internal home-grown or manual solutions aimed at the employee/contractor lifecycle. The IAM/IDM deployment scope is expanding to include business partners, suppliers, vendors, clients and customers, and opening these platforms to additional services (SaaS) and communities increases their criticality to the organization.
Historically, SailPoint IdentityIQ has been used to report status on a periodic basis. This reporting was accomplished via interactive analytics based on snapshots of data at a point in time. Using HelmsBoard, SailPoint data i. aggregated along with a variety of environments and HelmsBoard can consolidate data views across multiple environments.
As metrics change, a snapshot based approach can leave blind spots in an organization’s view of data; thereby delay decision making.
Platform Agnostic Support
Using HelmsBoard, there are no constraints on the visualization of data. Any platform is easily supported using open APIs. HelmsBoard data streams include Ducksboard, Splunk, Google Analytics, ZenDesk, Geckoboard, and Allgress.
Meaningful Data Mining
HelmsBoard provides a meaningful dissemination of metrics and Key Performance Indicators for different stakeholders in the organization. Real-time presentation of data allows at a glance understanding of how SailPoint IdentityIÏis performing at any given moment; making metrics about system behavior, loads and performance immediately available.
Reporting the metrics of different Identity IQ behavioral aspects can assist in answering common questions:
- What SLAs are we providing with respect to account management?
- What areas of the system could benefit from additional resourcing?
- Where are the inefficiencies in the security/identity lifecycle?
- What was our uptime over the last 30 days?
- How many accounts are under management by the system?
- How many accounts are orphans?
- What percentage of our user population represents a high-risk to the enterprise?
IdentityIQ captures all of the raw metric data, and HelmsBoard is capable of presenting trending information and operations data in a real time console.
HelmsBoard provides visibility into the metrics of SailPoint’s IdentityIQ regardless of how metrics are currently monitored in the enterprise. HelmsBoard goes far beyond “static reports” by providing a data mining servic. for rapid investigation of KPIs. Numerous default Key Performance Indicators are presented, with the ability to easily expand KPIs based on customer need.
Key Performance Indicators include:
- Account Metrics ‐ Total and Per Resource
- Provisioning Metrics ‐ Counts, Durations, Errors
- Process Durations and Baselines ‐ An example of this would include aggregation timeframes across multiple data sources including trending information
Scalable and Resilient
HelmsBoard is a Software-as-a-Service (SaaS) solution that provides visibility into the operational performance of IdentityIQ, even when offline. This is accomplished by HelmsBoard’s proprietary DIA (Dashboard Integration Adapter) platform which runs within the highly scalable Google Apps Engine. The DIA extracts status information from the DIM (Dashboard Integration Module), which in turn runs directly within the IdentityIQ runtime. The DIM is idle until the DIA initiates communication. If the DIA cannot contact IdentityIQ, it still retains all of the previous statistical data it has collected.
In the event a DIA process node fails, Google Apps Engine is able to transparently resume processing on another processing node. Using load balancing, multiple DIA instances are capable of running simultaneously.
The DIA framework is compliant with the following audit processes: SAS70 Type II, SSAE 16 Type II, ISO 27001 and ISAE 3402 Type II.