Ahead of the Gartner Security & Risk Management Summit in Sydney later this month, we asked research director Anne Robins about the latest identity and access management (IAM) trends driven by digital business this year and how Australian businesses are responding.
1. Australian organizations are forecast to spend US$83 million (A$114.5 million) on IAM technologies in 2016. What are they trying to achieve?
Australian businesses are focused on embracing the new role of identity in digital business and all of the aspects of an identity’s lifecycle. It's become a core underpinning piece in how a digital business is shaped and how it operates. One of the biggest areas of spending by organizations is on managing the identities of their customers. As a digital business, they’re trying to do more (volume) and more complex transactions. The online customer relationship is changing, as well as the expectations of the consumer.
2. What are the major trends influencing IAM in Australia in 2016?
Australian consumers are becoming more educated and more mature in their use of technology, which translates to their expectations of the way they are going to interact with a business online. Therefore, the focus on user and customer experience becomes increasingly more important. Identity is one of the key factors that drives the way in which we manage that experience.
We’re also seeing the emergence of identity and access management (IAM) as a service (IDaaS), making it easier for organizations to deploy multiple cloud services without maintaining multiple identity stores with cloud providers. Interest in Australia has lagged some of the other regions, but organizations are really starting to understand how IDaaS can help them scale better, be more agile and deliver a better customer experience. Also, IDaaS can help them deal with the challenges in the level of expertise required to manage identity problems that they aren’t able to manage themselves.
A number of IDaaS providers have come into the Australian market in the last 18 months or so, bringing mature and proven solutions that have been in other markets for a while. There’s a great opportunity for Australian businesses to take advantage of IDaaS, without having to experience the teething problems often associated with new offerings.
3. What are the most common challenges that you’re hearing about from Gartner clients?
Identity has traditionally been viewed in two main categories: internally – how businesses deal with employees, and externally – how they deal with customers. However, those two things are no longer completely separate, either from a business or technology point of view. A business now has a lot of other types of user constituencies that it interacts with, whether partners, contractors or other types of third parties. This means they now have a much bigger pool of identities to manage and trust. Businesses are finding it difficult to figure out how to move from the traditional model to one that is much more complex and fluid. Part of this is figuring out how to establish and maintain trust throughout the course of the relationship.
Many organizations have also invested heavily in traditional IAM systems, which don’t necessarily translate well into this more fluid or complex world. Identity is no longer a backroom concept, but something that should be front of mind when designing business processes and architecting solutions.
Another challenge is the problem of privileged access – how do businesses access all of the different types of privileged accounts and operations that exist across the infrastructure. It’s a very complex area from a technical point of view and can be difficult to find solutions. A number of large, high profile breaches have led to top down pressure from executives asking security and risk teams to assure them it won’t happen to their business. This intense focus on privileged access management has driven a huge increase in Australian organizations wanting to better understand the problem and needing help in finding the right solution.
4. What impact is digital business having on identities, privileges, access and trust for Australian businesses in 2016?
Digital business has brought IAM from being a backroom discussion amongst security, identity or risk professionals to being front of mind as a top business priority for business leaders. Everything a digital business does in terms of how it attracts new customers, how it manages relationships and how it delivers new services, is fundamentally based on our ability to manage identities, privileges, access and trust, which are all interrelated. If we don’t get that bit right, the fundamental basis of a digital business breaks. In all of the new, innovative and agile things that we’re trying to do, if we’re not focusing on how we’re going to manage identities, then it’s very hard to get the rest of it right.
Ms. Robins and other Gartner analysts will be examining the latest security and risk management trends in more detail at the upcoming Gartner Security & Risk Management Summit in Sydney, 22-23 August.
Gartner, Inc. (NYSE: IT) is the world's leading research and advisory company. The company helps business leaders across all major functions in every industry and enterprise size with the objective insights they need to make the right decisions. Gartner's comprehensive suite of services delivers strategic advice and proven best practices to help clients succeed in their mission-critical priorities. Gartner is headquartered in Stamford, Connecticut, U.S.A., and has more than 13,000 associates serving clients in 11,000 enterprises in 100 countries. For more information, visit www.gartner.com.
Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.