Identity and access management (IAM) leaders are facing an unprecedented rate of change. Digital transformation requires IAM leaders to address the growing interdependencies across diverse platforms throughout their organizations.
IAM systems must become agile enough to support new business initiatives and move quickly — almost in real time — to deal with threats as they arise. Organizations need to shift from thinking of their IAM systems as a collection of separate use case capabilities to creating an intelligent IAM platform.
Brian Iverson, research director at Gartner, and conference chair for Gartner Identity & Access Management Summit 2017, discusses how major digital business technologies, including the cloud and the Internet of Things (IoT), are affecting IAM.
Q: What are the primary issues around IAM in the cloud?
A: Data breaches resulting from privileged account compromise are a top concern with IAM in the cloud. Privileged access management (PAM) solutions, including PAM analytics that monitor for high-risk situations, are available to combat this concern. PAM solutions are required for platform as a service (PaaS) and infrastructure as a service (IaaS), which are on the rise as organizations build agile, intelligent IAM platforms.
Software as a service (SaaS) applications create a significant blind spot for organizations seeking to manage access risk. Organizations take on this additional risk in exchange for the convenience and cost savings of using SaaS applications. While the apps used by the majority of employees have decent application programming interfaces (APIs), about 75% of available apps lack adequate APIs for remote administration.
IAM in the cloud is facing new challenges around privacy. Particularly in the European Union, where the new General Data Protection Regulation (GDPR) will take effect soon, privacy laws may lead to greater complexity in implementing cloud-based IAM analytics. This in turn could have an impact on the cloud IAM marketplace and disadvantage smaller providers.
Q: How is IoT influencing IAM?
A: Robotic process automation (RPA) is a significant IoT use case for IAM. Organizations are implementing thousands of bots to handle repetitive business and IT tasks. Bots must interact with infrastructure systems and business applications. IAM leaders are grappling with how to provide access and address the novel risks arising from this new user community. As a solution, IAM leaders are experimenting with using RPA as an alternative to building traditional connectors to automate provisioning.
Q: What is the next advancement for authentication?
A: Fast IDentity Online (FIDO) authentication technology based largely on biometrics — such as a fingerprint on a smartphone — is being more widely adopted. FIDO enables more streamlined authentication without passwords and increases protection against breaches. Machine learning in cybersecurity applications for identity management systems is also becoming more common. Algorithms can improve the speed and effectiveness of user authentication and authorization processes.
Q: How are identity governance and administration evolving to support digital business?
A: Cloud-based identity governance and administration (IGA) is inevitable. IAM leaders need to break free from the constraints of legacy manual processes for administering user access and embrace a coherent and rational approach to managing access risk. Successful cloud-based IGA solutions will offer a commoditized set of capabilities that enable IAM leaders to demonstrate that they have control over the environment (rather than just going through the motions with procedural controls), and provide end users with a business-friendly user experience.