Notifications
Clear all
Topic starter
12/06/2026 9:39 pm
TL;DR: Moving access requests, approvals, certifications, and alerts into Microsoft Teams can reduce approval bottlenecks, mobile friction, and email-driven risk, while keeping governance controls and audit logging in the background, according to Saviynt. The bigger issue is that identity governance fails when decision-makers must leave the workflow to govern it.
NHIMG editorial — what this means for NHI practitioners
By the numbers:
- 97% of NHIs carry excessive privileges, increasing unauthorised access and broadening the attack surface.
Questions worth separating out
Q: How should security teams reduce approval bottlenecks in identity governance?
A: Security teams should reduce bottlenecks by moving time-sensitive approval actions into the workflow where approvers already operate, while keeping the identity platform authoritative for policy and logging.
Q: Why do email-based access approvals create governance risk?
A: Email-based approvals create governance risk because they separate the decision from an authenticated working session.
Q: What breaks when approvers have to leave their normal workspace to approve access?
A: What breaks is consistency.
Practitioner guidance
- Map approval latency by workflow step Measure how long access requests, certifications, and emergency grants sit between request, review, and final decision.
- Keep the identity platform as the system of record Let Teams carry the decision surface, but keep policy enforcement, audit logging, and separation of duties in the identity platform so the collaboration layer never becomes the authority.
- Use authenticated in-app actions for high-risk decisions Move urgent approvals away from email links and into authenticated collaboration sessions where the approver sees risk context, entitlement details, and policy violations before acting.
What's in the full announcement
Saviynt's full article covers the operational detail this post intentionally leaves for the source:
- Native Microsoft Teams card examples showing what approvers see before they decide
- Workflow specifics for access requests, certifications, and security alerts inside Teams
- The roadmap for natural-language identity actions and conversational governance
- How the integration preserves audit logging, separation of duties, and platform controls
👉 Read Saviynt's analysis of Teams-native identity governance →
Microsoft Teams for identity governance: what changes for IGA teams?
Explore further
View Full Forum → | NHI Foundation Course → | Our Services →
12/06/2026 11:52 pm
Decision latency is now an identity control problem, not just a productivity problem. When approvers must leave their workstream to reach a separate IGA console, governance inherits the same friction that caused legacy service desks to fail at scale. The issue is not interface preference. It is that access control loses force when the review path is too inconvenient to use consistently. Practitioners should treat approval latency as a control weakness, not a user-experience annoyance.
A few things that frame the scale:
- 97% of NHIs carry excessive privileges, increasing unauthorised access and broadening the attack surface, according to the Ultimate Guide to NHIs.
- Only 5.7% of organisations have full visibility into their service accounts, which means many access decisions still happen without complete entitlement context.
A question worth separating out:
Q: Who is accountable when a collaboration app is used for identity approvals?
A: The identity team remains accountable for the control design, the identity platform remains accountable for enforcement and evidence, and business approvers remain accountable for the decision itself. A collaboration app is only the interface. If controls, logs, and SoD checks move into chat without a system of record, accountability becomes harder to prove.
👉 Read our full editorial: Teams-native identity governance changes how access decisions happen
