IGA was born of this fact: if people need rights to do their jobs, then companies need a system to manage those rights. At first, “system” was a target word and people built tool-centric solutions that were then run by techies. Then “rights” became a focus word when business started to realize the benefits of governance.
It is time to put the emphasis on “people,” because IGA exists only to serve all categories of individuals within the enterprise ecosphere—from policy makers to policy constituents. Mobile workforces, cloud and BYOD have changed everything. These three elements have amplified the human factor. Sameness of systems no longer works.
Costidity™ is a way of measuring the cost of the human factor within IGA and IT security. It comes from uncertainties of human behavior and its consequences for the organization, from the cost of not following the company’s guidelines to expenses of monitoring the enforcement of poorly defined policies. By taking a people-centric approach to security we can predict the likelihood of individuals deviating from the policy.
Rather than a technocratic solution to the human factor, I focus on mitigating Costidity™ – the cost of curiosity and policy deficiencies. Costidity™ is a new way of managing the human factor by using mathematical equations to predict behavior.
If you can predict curiosity and policy deviations, you can minimize deficiencies from IGA while finding the right balance between reducing risk and creating more connected and productive people – and enhancing your reputation as an innovative leader.