Generative AI has been making waves in tech and beyond, but if not applied with caution, it can actually do more harm than good.
Generative AI has been the topic of conversation since OpenAI thrust it into the mainstream. In fact, there are few industries not feeling significant shifts from the technology, from customer service to healthcare and everywhere in between.
One only needs to look at the numbers: a recent John Snow Labs study revealed that GenAI budgets have increased significantly from 2023, with nearly 20% of healthcare technical leaders reporting a budget growth of over 300%.
It’s not so surprising. When executed correctly, the value of GenAI is undeniable, offering substantial savings in time, money, and resources. But the hard truth is, most GenAI projects fail. There are a slew of reasons why, ranging from unrealistic expectations, to a lack of data science talent to run point on AI initiatives.
One area experiencing this first-hand is . This is the cornerstone of security and compliance at every organization. And while there’s big AI potential for GenAI transformation, there are several key challenges that smart leaders should keep in mind.
1.) Data quality issues
All AI success is dependent on the quality of the data it processes. Unfortunately, in many organizations, identity data tends to be disorganized, outdated, and inaccurate. For instance, a recent survey found that 50% of respondents rely on email for managing permissions and entitlements. The principle of “garbage in, garbage out” is particularly relevant here; if the input data is flawed, the AI-generated outcomes will be equally flawed and essentially worthless.
2.) Business silos
A significant hurdle for both GenAI applications and IT departments is the integration of data from various isolated systems, including emails and spreadsheets. This integration challenge is compounded by the need to ensure the accuracy of the data. In identity management, this means verifying that all employees are current, in the correct positions, and have appropriate access rights, as reflected in the data.
3.) Data handling complexities
GenAI requires extensive data to operate effectively. Identity governance systems deal with sensitive and varied datasets, including personal and access-related information. Ensuring that GenAI models can handle this data while maintaining privacy and security involves complex processes of data anonymization and encryption.
4.) ٲ
Identity governance relies on precise user identification, access control, and compliance monitoring. GenAI models can sometimes generate inaccurate or unexpected results due to biases in the training data or inherent model limitations. Establishing the reliability and trustworthiness of AI decisions for critical governance tasks is a major challenge.
5.) dzԳ
Identity governance systems must comply with stringent regulatory standards such as GDPR and HIPAA. Integrating GenAI into these systems requires thorough compliance checks and auditing capabilities. The AI must be transparent and explainable, which is often difficult with complex generative models, posing potential regulatory risks.
To achieve the desired outcomes from GenAI—and to enhance overall business operations and security—organizations must prioritize data cleanliness. Otherwise, GenAI results will fall short of expectations, leading to wasted time, resources, and frustration.
There are tools available to assist with this process. For example, the Common Service Data Model (CSDM) offers a standardized set of terms and definitions applicable to all ServiceNow products. It consolidates duplicated platform data from various functions such as SecOps and CMDB into a central repository. But it still requires clean data.
The rising interest and budgets for GenAI capabilities indicate it’s not going anywhere. While data synchronization tools are a beneficial first step, they’re not the stop-gap solution. If you plan to leverage GenAI in your identity management program, it’s crucial to commit time and resources to getting your data in order first.
