Using classification data as training set for auto-classification of admin rights

US10679141B2 · US · B2

Patent metadata

  Publication number: US-10679141-B2
  Application number: US-201514869043-A
  Country: US
  Kind code: B2
  Filing date: Sep 29, 2015
  Priority date: Sep 29, 2015
  Publication date: Jun 9, 2020
  Grant date: Jun 9, 2020

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

  1. Title

    What the patent document calls the invention.

  2. Abstract

    A short plain-language summary of the technical disclosure.

  3. Assignees and inventors

    Who owns or filed the patent and who is credited as inventor.

  4. Key dates

    Filing, priority, publication, and grant dates set the timeline.

  5. First independent claim

    The legal scope of protection — read this for what is actually claimed.

  6. CPC / IPC classifications

    Technology tags used to group this patent with similar filings.

  7. Citations and related patents

    Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

An identity and access management (IAM) system is augmented to provide for supervised, iterative machine learning (ML), preferably with a user-generated training set for classification. The training set may include various types of data, including characteristics or attributes of the account types, the users, or the like. A goal of the initial ML training, which may include one or multiple passes, is to enable the machine to identify specific characteristics or attributes that provide a good classification result, with the resulting classifications then applied within the IAM system. In particular, the output of the ML system may be used by the IAM system for enforcing rights associated with the identified accounts, managing accounts, and so forth.

First claim

Opening claim text (preview).

The invention claimed is:

  1. A method to improve an ability of an identity and access management (IAM) computing system to determine identity-centric risks in an enterprise, comprising: receiving a training set of data representing classifications of one or more accounts; based on the classifications, computing a machine learning classifier using software executing in a hardware element; applying the machine learning classifier to additional account data to identify, in an automated manner, one or more attributes that cause the machine learning classifier to provide a given classification result, wherein at least one of the one or more attributes is an account type; determining in an automated manner whether the classification result represents a given level of account classification; and when the classification result represents the given level of account classification, applying the one or more attributes identified by the machine learning classifier to new data to attempt to detect an identity-centric risk.

  2. The method as described in claim 1 further including re-computing the machine learning classifier when the classification result does not represent the given level of account classification.

  3. The method as described in claim 1 wherein applying the one or more attributes to new data includes executing an identity and access management (IAM) detection process to scan for a weakness pattern that is one of: an excessive number of IAM Privileged Accounts (Admins), account sharing, and cloning of access permissions.

  4. The method as described in claim 3 further including issuing a notification when the particular classification result generated by the IAM detection process is not definitive and requires further evaluation.

  5. The method as described in claim 1 wherein the one or more accounts include IAM Privileged Accounts (Admins).

  6. The method as described in claim 1 wherein determining whether the classification result represents the given level of account classification receives a user-supplied input.

  7. Apparatus, comprising: a processor; computer memory holding computer program instructions executed by the processor to improve an ability of an identity and access management (IAM) computing system to determine identity-centric risks in an enterprise, the computer program instructions comprising: program code operative to receive a training set of data representing classifications of one or more accounts; program code operative based on the classifications to compute a machine learning classifier; program code operative to apply the machine learning classifier to additional account data to identify one or more attributes that cause the machine learning classifier to provide a given classification result, wherein at least one of the one or more attributes is an account type; program code operative to determine whether the classification result represents a given level of account classification; and program code operative when the classification result represents the given level of account classification to apply the one or more attributes identified by the machine learning classifier to new data to attempt to detect an identity-centric risk.

  8. The apparatus as described in claim 7 wherein the computer program instructions further include program code operative to re-compute the machine learning classifier when the classification result does not represent the given level of account classification.

  9. The apparatus as described in claim 7 wherein the computer program instructions further include an identity and access management (IAM) detection process operative to apply the one or more attributes to scan for a weakness pattern that is one of: an excessive number of IAM Privileged Accounts (Admins), account sharing, and cloning of access permissions.

  10. The apparatus as described in claim 9 wherein the computer program instructions further include program code operative to issue a notification when the particular classification result generated by the IAM detection process is not definitive and requires further evaluation.

  11. The apparatus as described in claim 7 wherein the one or more accounts include IAM Privileged Accounts (Admins).

  12. The apparatus as described in claim 7 wherein the program code operative to determine whether the classification result represents the given level of account classification receives a user-supplied input.

  13. A computer program product in a non-transitory computer readable medium for use in a data processing system, the computer program product holding computer program instructions executed by the data processing system to improve an ability of an identity and access management (IAM) computing system to determine identity-centric risks in an enterprise, the computer program instructions operative to: receive a training set of data representing classifications of one or more accounts; based on the classifications, to compute a machine learning classifier; apply the machine learning classifier to additional account data to identify one or more attributes that cause the machine learning classifier to provide a given classification result, wherein at least one of the one or more attributes is an account type; determine whether the classification result represents a given level of account classification; and when the classification result represents the given level of account classification, to apply the one or more attributes identified by the machine learning classifier to new data to attempt to detect an identity-centric risk.

  14. The computer program product as described in claim 13 wherein the computer program instructions are further operative to re-compute the machine learning classifier when the classification result does not represent the given level of account classification.

  15. The computer program product as described in claim 13 wherein the computer program instructions comprise an identity and access management (IAM) detection process further operative to apply the one or more attributes to scan for a weakness pattern that is one of: an excessive number of IAM Privileged Accounts (Admins), account sharing, and cloning of access permissions.

  16. The computer program product as described in claim 15 wherein the computer program instructions are further operative to issue a notification when the particular classification result generated by the IAM detection process is not definitive and requires further evaluation.

  17. The computer program product as described in claim 13 wherein the one or more accounts include IAM Privileged Accounts (Admins).

  18. The computer program product as described in claim 13 wherein the program code operative to determine whether the classification result represents the given level of account classification receives a user-supplied input.

  19. An apparatus for identity and access management (IAM), comprising: a hardware processor; computer memory holding computer program instructions executed by the hardware processor to improve an ability of an automated IAM detection process to detect identity-centric risks, the computer program instructions comprising program code configured to compute and apply a machine learning classifier to identify one or more account type attributes that cause the machine learning classifier to provide a given data classification result, and to apply the one or more account type attributes identified by the machine learning classifier to enforce a data classification decision.

  20. Th

Assignees

Inventors

Classifications

  • Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity · CPC title

  • G06N20/00 (primary): Machine learning · CPC title

  • Entity profiles · CPC title

  • Structures or tools for the administration of authentication · CPC title

Patent family

Related publications grouped by family.

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US10679141B2 cover?
An identity and access management IAM system is augmented to provide for supervised, iterative machine learning (ML), preferably with a user-generated training set for classification. The training set may include various types of data, including characteristics or attributes of the account types, the users, or the like. A goal of the initial ML training, which may include one or multiple passes…
Who is the assignee on this patent?
IBM
What technology area does this patent fall under?
Primary CPC classification G06N20/00. Mapped technology areas include Physics.
When was this patent published?
Publication date Jun 9, 2020 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).