In one of the opening statements of Identiverse 2018, Ping Identity and Identiverse Chair CEO Andre Durand said that identity is experiencing a Cambrian moment—a period of unprecedented evolution and expansion.
Indeed, many digital security experts expect identity to absorb and subsume the entirety of the cybersecurity field in the near future. But how? What new forms of identity and access management will grow to prominence? We’ve discussed biometrics, identity governance and administration, multifactor authentication, and privileged access management in the past, but what about the more obscure new forms of identity and access management?
Here are three new forms of identity and access management we think your enterprise needs to follow:
Blockchain
Blockchain is simultaneously the most famous of the new forms of identity and access management and the most contentious. Some experts and plenty of enterprises believe that blockchain will be a panacea for all identity woes, the solution to this era of data breaches. Other experts believe that blockchain can’t possibly live up to those expectations and lack the means to do so in any case.
In either case, everyone can agree on the board theory behind blockchain in identity and access management: Online transactions, as a rule, rely on the disclosure of users’ personal information, usually in the form of login information. These are stored in databases throughout the web, where it could be cloned either by third-parties or by password reuse—putting information in locations outside the knowledge of users.
Obviously, this can lead to all sorts of security issues jeopardizing both the individual user and their place of employment. Compounding this issue are third-parties accessing and exploiting users’ identity information without their knowledge or consent. Legal efforts like GDPR attempt to curtail these issues, but they have not reached global ubiquity.
Again, this is not just a personal issue: employees reuse their passwords so often that their credentials in the wrong place could place your business’ databases and proprietary assets in peril.
Blockchain aims to solve those issues by allowing enterprises to create encrypted digital identities to replace users’ multiple login credentials akin to single sign-on— ultimately saving their enterprises time and resources. Blockchain identities are also decentralized to prevent hackers getting their hands on them.
Should your enterprise use blockchain to form employees’ credentials? The answer is not quite clear yet. But so much attention and so much investment going into blockchain as an identity and access management solution, it is certainly worth taking note.
Identity and Access Management Microservices
Microservices are a cloud-based IT resource option that is lightweight and autonomous, and possibly one of the new forms of identity and access management. Much like blockchain, microservice, are decentralized and distributed modules designed run applications as opposed to a more traditional centralized approach. This emphasis on decentralization thus affords microservices the same protection against hackers blockchain theoretically enjoys; they are stronger against external attacks than traditional identity and access management’s singular directories.
Microservices’ architecture allows it to remove single points of identity failure in the network, prevent the unnecessary storage of users’ personal identifying information, and allow for a granularity of network scaling.
Most IAM security experts agree that microservices can’t replace traditional IAM entirely. However, it can facilitate IAM security by breaking up the user directory that would otherwise be a lucrative target for the unscrupulous. It might be worth considering as your enterprise and users scale ever upwards.
Identity as Perimeter Security
The fact of the matter is that the network as was once understood is changing, and thus the IT perimeter is changing with it. Mobile devices and cloud adoption is pushing enterprises to move away from firewalls as their perimeter security. Instead, perimeter security is becoming one of the new forms of identity and access management.
In an interview with Dark Reading, Oracle Security SVP Eric Olden noted that moving to the cloud causes enterprise networks to be bombarded with data at a faster volume than manual approach can handle. “We’re past the days of writing a virus,” he said, “Now we’re talking about very organized operations trying to get identity data.”
The focus must then shift to keeping out unwanted visitors and users from entering your network in the first place. Enter identity: by implementing multifactor authentication at your perimeter, you eliminate the issue of passwords’ insecurity and prevent hackers from cracking your defenses.
Other Resources:
Blockchain vs. Biometrics: Are They Equal Identity Management Innovations?
5 Questions on Blockchain with Vaughan Emery of Atonomi
Is Blockchain the Future of Cybersecurity?
The 10 Coolest IAM and Identity Security CEO Leaders
Privileged Access Credentials (With Identity Automation)
The Importance of Edge Use Access (With Identity Automation)
Managing Third-Party Privileges with Identity Automation
IAM vs CIAM: What’s the Difference?
The Role of Identity in Digital Transformation
The Current State of Biometric Authentication in IAM
Comparing the Top Identity and Access Management Solutions
The 32 Best Identity and Access Management Platforms for 2018
Widget not in any sidebars
Ben Canner
Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.
- The Best Biometric Authentication Software to Consider in 2024 - January 8, 2024
- The Best Privileged Access Management Providers for 2024 - January 1, 2024
- The Best Identity Governance Tools and Vendors in 2024 - December 31, 2023
