IAM thought leader Dean Wiech in a piece at CTOvision.com has his eye on four trending technologies/practices in the world of Identity and Access Management that you should pay attention to. While any one particular item may or may not be appropriate to your business environment, but they are driving growth in IAM implementation across multiple industries, and are therefore worth your time to investigate if you care about the security of your data and organization.
Here they are:
1. Cloud-based IAM
On-premise IAM solutions are declining as cloud IAM platforms take up more and more of the market. Wiech explains two key advantages of the cloud:
A main advantage of moving to the cloud is that this strategy allows organizations to make the work of their employees more flexible and allows them to work wherever they are located and to be far less dependent on local servers and other hardware.
Also, cloud applications impose far fewer demands on the equipment on which the work is done. What this means specifically is that these solutions grant employees more opportunity to work more freely from any device, be it a laptop, tablet or smartphone, as well as a desktop computer.
These advantages over on-premise solutions are driving more and more enterprise IAM solution buyers to the cloud in search of better IAM capability. Nevertheless, the cloud may not be a perfect fit for everyone. Getting multiple cloud providers, “which all have their own standards,” to work with each other in tightly integrated network arrangements can be challenging. Wiech is specific in identifying the problem, saying this “means traditional LDAP authentication with the Active Directory becomes considerably more complex in it set up.”
There are a few other problems with cloud based IAM so far as well. One example is how “automatic management of user accounts and rights within the application” becomes more difficult, and another is that current on-premises APIs no longer work over the internet, “which requires the functional application manager to operate with a manual user management interface.”
Overall, however, cloud-based enterprise Identity and Access Management solutions offer more benefit than hassle, thus explaining their increasing adoption.
2. Web SSO
Web Single Sign On combines the benefits of only having to remember one user name and password with the flexibility of the cloud. The user first provides his/her username and password from their organization’s Active Directory into their internal SSO set up, and then the WebSSO “takes over” whenever the user seeks access to an online application. That way, the user doesn’t have to enter their log in information every time they need to open up a new application, as WebSSO does it for them. The benefits go beyond ease of use for your organization:
This process is not only more user friendly, but also is more secure as it reduces the need for end users to write credentials down or store them improperly to remember them.
3. Identity and Access Governance
In strictly regulated industries, the problem of “rights pollution,” or the granting and holding of access rights to those who shouldn’t have them, can become a major problem. This pollution creeps into the system as rights are granted via rights issuance “on the basis of copy-user or template users,” and manually going through who should and shouldn’t have rights can be so time consuming and complicated that it simply isn’t feasible, according to Wiech. By implementing an Identity and Access Governance strategy, your organization can avoid those headaches and risks by making sure “that employees only have the access to the network resources required to perform their duties.”
4. Achieving Broad Access to Information Systems
A growing enterprise need that can come into conflict with many approaches to security is the need to share certain types of information with many different parties as more groups within your organization need more data to do their jobs and organizations and individuals from without require data for any number of potential (good) uses, including transactions. Wiech says that “organizations are taking the initial steps and alongside their Active Directory are building up an LDAP store to enable broader access to information systems,” in an attempt to handle this new turn of events, but problems arise with that approach. Specifically, all those staff and external users need to “be provisioned and made known within the network.” Automated solutions that can handle the provisioning and authentication process should be a must for organizations that find themselves in this situation, so that they can “reduce the overwhelming amount of manual tasks the IT department needs to perform.”
These four trends make Identity and Access Management a “hot” market, according to Wiech, as IAM solutions providers work to meet customer needs. Given the threats out there, let’s hope those IAM solution providers succeed.
For Wiech’s article at CTOvision, click here.
Latest posts by Doug Atkinson (see all)
- Yahoo Goes Passwordless to Access Account Services - April 6, 2015
- The Identity of Things Could Streamline Government Services - March 30, 2015
- The Third-Party Threat: Are You Safe? - March 18, 2015