Next-generation adaptive access services
One of the most pronounced trends in IAM today is the ubiquitous use of analytics. “Whereas traditional adaptive authentication was rule-based, the next generation of adaptive access services combines rules with machine learning and advanced analytics,” says Paul Rabinovich, senior director at Gartner. “Rules are useful but limiting. You may not have thought of all possible scenarios.”
For example, unsupervised learning is good at anomaly detection. An organization can establish a baseline for a user or a group of “similar” users, and it can detect that today the user is behaving differently and take corrective action.
See Paul Rabinovich at his IAM Summit sessions:
- Application Migration to the Cloud Requires a Strong IAM Strategy
- Cloud-Based MFA Is Ready for Prime Time
- Active Directory: Eliminate Your Technical Debt and Move On
Privileged access management (PAM)
“PAM is all about securing the keys to your kingdom,” says Gartner senior director Felix Gaehtgens. “It is one of the most critical security controls to implement.”
The good news is that IT leaders can quickly realize value with PAM controls by reducing the attack surface. However: reduction doesn’t necessarily mean elimination, as privileges are hidden everywhere — in administrative accounts, system/service accounts, containers, devices and codes. Tackling this requires finding and managing accounts, alongside rethinking the operational model for privileged access overall.
“ Think about the five “W’s” of privileged access — who, when, where, why and what”
“Organizations make the mistake of assuming they can manage privileged access in the same way they manage regular access,” says Gaehtgens. “Instead they must think about the five “W’s” of privileged access — who, when, where, why and what — and adopt a new operational model for PAM, one that emphasizes purpose-driven, just-in-time privileged access.”
See Felix Gaehtgens at his IAM Summit sessions:
- Manage Privileged Access to Reduce Security Risks and Increase Agility
- Plan for Success With Identity Governance and Administration
- The Five-Step Approach on How to Choose IAM Solutions
Evolution of IAM leadership
“As digital transformation places new significance on reinvention, successful IAM leaders will collaborate with others in the business to orient people and resources, and ensure that the IAM vision reflects new business goals,” says Gartner senior director Kevin Kampman.
See Kevin Kampman at his IAM Summit sessions:
- Keynote: The IAM Magic Quadrants and Critical Capabilities
- What's Your IAM Vision and Strategy?