ServiceNow counts among the market’s most widely used IT Service Management platforms, on the market and numerous integrations between Identity Governance and Administration (IGA) systems and ServiceNow have been built over the past years.
The most common type of integration addresses challenges around manual fulfillment, typically limits to requests originating from the IGA system, and enables ServiceNow ticket creation and ticket state tracking, which are considered must-have capabilities for any IGA vendor today.
In a post-pandemic landscape stressed about service delivery, Enterprise Service Management (ESM) has emerged as another catchphrase or evolution when talking about extending ServiceNow capabilities to address more business-centric use cases in a seamless fashion.
Delivering shared services through multiple IT tools and platforms for the entire extended workforce can become increasingly complex, and the discipline proposes unified employee experience and efficiency through the use of a single service portal – ServiceNow.
While efficient business processes and workflow automation can result in productivity and cost savings, all starts from facilitating the work of individual employees and partners through self-service of information, actual work tasks, and routing of these in the organization.
From a requirements perspective, this means bringing the IGA end user portal functions (e.g. manager or employee), such as requesting access, approvals, certification and delegation inside the customer ServiceNow instance, experience, and branding.
The rise of "ServiceNow apps"
Following ServiceNow's increasing relevance for Identity-as-a-service (IDaaS) customers, we are now witnessing the rise of "ServiceNow apps" from the established IGA product vendors: out-of-the-box (OTB) integrations in the form of certified applications running on ServiceNow that provide varying levels of integration capabilities.
And not merely extensions but new product vendors have implemented a complete identity lifecycle management suite as a ServiceNow scoped application – installable from the ServiceNow store and leveraging the reliability and performance of the trusted and well-known Now! platform.
After roadmapping and strategic deliberations, some clients have indeed chosen this approach, which can be considered as “a path for IAM modernization” – using their existing IT infrastructure, such as Now! IT Service Management platform, for delivering IAM capabilities.
Clients acknowledge that although HR attribute-based Joiner-Mover-Leaver (JML) automation of authorizations for human identities having interactive accounts is best implemented under the IGA realm, ServiceNow change management process provides a level of administration for non-human identities such as assets residing as Configuration Items (CI) in Configuration Management Database (CMDB).
IGA vendor capabilities
All this said, let’s have a look at capabilities that IGA vendor ServiceNow applications are offering and things to consider when integrating.
The underlying question that customers ask themselves is whether ServiceNow or perhaps some other SaaS platform, such as Salesforce, Workday, or Atlassian, should be their one-stop shop for IGA, IAM, or PAM. Alternative target operating models to traditional IDaaS are maturing and offering convergence in our multi-cloud and multi-hybrid world.
Looking beyond the traditional workforce IGA into the offing is advisable. Not only because there exists a plethora of identities outside your organization, but because non-human identities, such as devices, robots, and other things, similarly require governance, compliance, and security. After all, IGA solutions alone can not cater to all the requirements.
When novel IGA requirements related to ServiceNow begin to arise in your organization, we hope this article has given you food for thought. Nixu advisory can help you recognize, define, and implement the best IGA approach for your organization when considering available Identity-as-a-Service solutions, whether they consist of a native- or extension-based ServiceNow integration.
About the authors
Markku Kilpinen works as IGA Architect at Nixu’s Digital Identity business unit and has led and participated in diverse IGA implementation projects, most recently using Clear Skye and Saviynt technologies.
Mikko Hellstén works as Senior IGA Consultant at Nixu’s Digital Identity business unit and is developing complex IGA implementations and integrations for Saviynt Enterprise Identity Cloud (EIC) customers.