Published: 26 July 2017
Analyst(s): CIO Research Team
This white paper is based on identity and access management (IAM) research at midsized organizations. We spoke with about 30 IT and information security leaders to understand how their companies are building IAM capabilities to support digital transformation. We also surveyed midsized organizations to gather data on their IAM challenges and investments to inform this research.
Changing Landscape and Implications for IAM
Growing Cybersecurity Threats
Growing Digital Trends
Approaches to Improving IAM
1. Tie IAM to Business Drivers and Show Its Contribution to Business
2. Uncover IT and Business Pain Points to Drive Improvements
3. Take a Maturity-Focused Approach to Improve Access (Security) Controls and Better Protect Against Cyber Threats
4. Strengthen Password Management Practices to Mitigate Hacking and Misuse
5. Implement Role-Based Access to Manage Evolving Access Needs
6. Improve Governance of User Access and Roles
7. Empower Employees to Act as Controls and Uncover Vulnerabilities
8. Grant the Access That Mobile Users Need, But Only What They Need
9. Strengthen Privileged Access to Secure Critical Information and Systems
10. Expand Sources to Learn About Third-Party Relationships and Secure Access
About This Research
©2020 Gartner, Inc. and/or its affiliates.
All rights reserved.
Gartner is a registered trademark of Gartner, Inc. and its affiliates.
This publication may not be reproduced or distributed in any form without Gartner’s prior written permission.
It consists of the opinions of Gartner’s research organization, which should not be construed as statements of fact.
While the information contained in this publication has been obtained from sources believed to be reliable, Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information.
Although Gartner research may address legal and financial issues, Gartner does not provide legal or investment advice and its research should not be construed or used as such.
Your access and use of this publication are governed by Gartner’s Usage Policy.
Gartner prides itself on its reputation for independence and objectivity.
Its research is produced independently by its research organization without input or influence from any third party.
For further information, see
Guiding Principles on Independence and Objectivity.