IAM Systems Need to Become More Intelligent



Business demands on identity and access management (IAM) infrastructure continue to grow. IAM has come a long way in improving access security and operational efficiency. Organizations today commonly provide single sign-on and employee lifecycle management, and are extending these services to customers and consumers.

That said, the current set of IAM tools is very prescriptive. The better you understand and implement the rules, the better your IAM system functions. In a fast-moving business, rules are not always well defined, do not apply uniformly across the organization, and change constantly. If that wasn't enough, business models change quickly, forcing IAM systems to adapt. The IT industry is also going through major paradigm shifts with IoT, cloud services and BYOD.

In this world, how do we provide access to the unknowable and the uncontrollable? Access needs to be provided, on personal devices, to people who have little, if any, relationship to the organization. Interestingly enough, that relationship to the company can strengthen or diminish based on the business need. Mobile and connected devices are also increasingly being introduced into the enterprise to provide critical business functions. These devices are difficult to manage, can have proprietary software, move around, get turned off, get lost, get stolen and can reappear. How do we, as IAM practitioners, know whether these actions are valid or not? Taking the wrong action could, on the one hand, allow a security vulnerability and, on the other, stop a critical business function.

IAM systems need to become more intelligent. They need to:

  • Continually monitor different security and business indicators in real-time. Based on risk scores, access should be granted, questioned, or denied automatically.
  • Not rely solely on access rules but continually learn how users work and build risk patterns appropriately.
  • Leverage distributed trust models.
  • Be intelligent about the IAM ecosystem. IAM systems need to seamlessly leverage the strengths of other tools and existing deployments. From a practical perspective, IAM deployments are complex and daunting to replace. New intelligent capabilities are needed now, and their introduction cannot rely on a major upgrade of existing systems.
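
One way the first two points above could fit together, as an added example that is not from the original post: a per-user baseline learned from granted requests feeds a risk score that maps to grant, question, or deny. The weights, thresholds, request field names, and the `reported_lost` indicator are all assumptions chosen for illustration.

```python
from collections import Counter

# Assumed values for illustration; tune against real data.
QUESTION_AT, DENY_AT = 0.35, 0.75
DORMANT_DAYS = 30
WEIGHTS = {"device": 0.4, "country": 0.2, "resource": 0.1}

class Baseline:
    """Per-user pattern learned from previously granted requests."""

    def __init__(self):
        self.seen = Counter()     # (attribute, value) -> times observed
        self.last_day = {}        # device -> day number it was last granted
        self.total = 0

    def learn(self, req):
        self.total += 1
        for attr in WEIGHTS:
            self.seen[(attr, req[attr])] += 1
        self.last_day[req["device"]] = req["day"]

    def rarity(self, attr, value):
        # 1.0 = never seen for this user, 0.0 = seen on every request.
        if self.total == 0:
            return 1.0
        return 1.0 - self.seen[(attr, value)] / self.total

def risk_score(base, req):
    score = sum(w * base.rarity(a, req[a]) for a, w in WEIGHTS.items())
    # A known device that reappears after a long silence may have been
    # lost or stolen, so dormancy raises the score.
    last = base.last_day.get(req["device"])
    if last is not None and req["day"] - last > DORMANT_DAYS:
        score += 0.5
    if req.get("reported_lost"):  # hypothetical external indicator
        score += 0.8
    return min(score, 1.0)

def decide(base, req):
    score = risk_score(base, req)
    if score >= DENY_AT:
        return "deny"
    if score >= QUESTION_AT:
        return "question"         # e.g. require step-up authentication
    base.learn(req)               # only granted requests shape the baseline
    return "grant"
```

Because only granted requests update the baseline, a questioned or denied request cannot teach the model that an unusual device or location is normal.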

By incorporating intelligent and adaptive systems into the IAM infrastructure, we can provide services that will enable businesses to grow while meeting security, regulatory, and privacy demands.


By David Treece, IAM Enterprise Architect
