“This automation allowed for easier review and updates of access privileges, highlighting discrepancies, and simplifying the management of permissions when employees left the organization.” missions based on roles and approval rules. This automation mini- mizes the risk of errors, unintended privileges, and tedious manual tasks associated with onboarding and offboarding processes. PIAM 2.0 also goes where legacy PIAM 1.0 was unable to in the search and identification of insider threats. Insider threats, intentional or unintentional, are often challenging to detect due to their deceptive nature. However, modern PIAM software is designed to uncover access anomalies and suspicious activities by employing machine learning algorithms to analyze data from various access control parameters like timestamps, locations, cre- dential usage, and transaction patterns. By monitoring for deviations from an individual’s normal behavior, PIAM solutions alert security teams promptly so they can initiate appropriate remedial action. These advanced systems significantly improve visibility and understanding of potential insider threats, helping organizations to more effectively prevent unauthorized access attempts that with legacy PACS alone. With PIAM 2.0, organizations effectively eliminate the need for siloed systems managing isolated pain points, thus achieving a more efficient and effective access management approach. PIAM 2.0 in Practice Beyond greater efficiency and security, PIAM software offers a host of benefits for virtually every type of industry. Take health- care for example, an industry hit hard by recent staffing shortages and rising labor costs. To combat these challenges, hospitals and other healthcare providers are turning to temporary and con- tracted workers. These types of workers provide flexibility in managing work- force needs, allowing businesses to scale up or down based on demand. However, they also introduce the risk of security/access violations and may even require several types of access based on their current work assignments. Healthcare facilities are also unique in that they are highly regulat- ed, yet public places. Hundreds, potentially thousands, of employees, patients, contracted workers, and visitors are coming and going from the facility each day. Managing access for each of these identities man- ually is both time inefficient and practically impossible based on the sheer volume of identities. Allocating more staff to address access pro- visioning and visitor management is not possible given the aforemen- tioned labor challenges, creating a security issue if left unaddressed. PIAM 2.0 solutions address these concerns with ease, using software instead of people to keep hospital operations running as safely and efficiently as possible. First, PIAM software provides a holistic view of all identities across all potential healthcare cam- puses. This allows administrators to manage their entire third- party staff from a single pane dashboard, consolidating insights and ensuring policies are consistently and accurately enforced. PIAM also makes it possible to implement automated contactor requirements, including automated badge application review and approval processes, automatic termination of physical access imme- diately upon expiration of pre-requisite criteria, or a secure applica- tion process that collects all pre-requisites (training confirmations, identity documents, background checks, etc.) required to confirm work assignment eligibility. In this way, many of the headaches as- sociated with contractor management are effectively eliminated. Achieving regulatory compliance is also imperative for many of today’s largest enterprises. Industries such as healthcare, energy, aviation, and more are bound by regulations related to access and privacy. For example, the FAA Extension, Safety, and Security Act of 2016 tightened the requirements for security measures related to airport access control. Under this act, any airport found to have more than 5% of their Security Identification Display Area (SIDA) badges unaccounted for must effectively rebadge the entire airport. The process of rebadging thousands of individuals would be both tedious and time-consuming, but also costly. To confirm compliance and avoid infraction, automated PIAM 2.0 solutions can be deployed to continuously check actual operational data against policies and historical data patterns. In essence, this approach can be described as a “continual audit,” automatically enforcing and proving compliance to keep any op- eration audit ready at all times. Management can easily review access sorted by person, by area, by approver, or any other relevant factor to answer urgent needs. These capabilities extend to all industries that are subject to regula- tions including CCPA, FISMA, GDPR, HIPAA, SOX, SOC 2 Au- dit, NERC CIP, TSA SD, and more to help ensure 100% security compliance across all facilities and avert costly infractions. The Future of PIAM The security industry has come a long way since the advent of access control and even legacy PIAM 1.0. However, there is still much to be discovered in terms of data-automation as it relates to security. On the horizon, imagine an AI co-pilot that gener- ates access or visit requests based on an existing schedule and the queue of individuals requesting visitor access. The same AI assis- tant that just generated the visitor schedule would then be able to deliver access notifications to both administrators and end users through an existing corporate messaging app. These kinds of capabilities have the potential to positively trans- form how organizations address physical security, so it becomes a more natural extension of those procedures and applications already in use today. They also underscore the growing impera- tive for enterprises to make use of the data that is available to them now to facilitate higher levels of security and efficiency. Ajay Jain is the president and CEO of Vector Flow.    22 SEPTEMBER/OCTOBER 2023 | SECURITY TODAY COVER STORY