The New IAM: 5 Challenges That Add New Risks March 25th, 2019
Identity access and management (IAM), the IT security discipline dedicated to ensuring that the “right persons have access to the right resources at the right time for the right reasons,” has been around since the early 2000s. At that time, organizations and their IT teams were responding organically to the need for managing identity.
The urgency of the issue was not recognised, however, until events precipitated by Enron and other companies led to Sarbanes-Oxley (SOX) legislation, which called for tighter controls on employee access.
With IAM, organizations can provide users with a single identity (or single sign-on) to use for access to a wide range of applications and devices across the enterprise. Over the years, the road to IAM at many organizations has been a bumpy one. With thousands of users and hundreds of applications to manage, the challenges are greater than ever.
A recent report found, for example, that 44% of organizations take weeks to provide access across applications and systems—and 32% of IT organizations can take weeks more to remove former users from access to applications and systems.
Many other developments have created additional speed bumps:
More devices. More problems
The interconnected world of devices in which businesses operate complicates identity management. The proliferation of IoT-enabled devices with their disparate authentication methods, for example, is creating havoc for organizations seeking ways to identify and manage them appropriately.
IAM in the cloud
Digital transformation of organizations complicates things even further. Moving to the cloud has added new networks and platforms that users must access, and organizations must manage. According to a recent report by Forrester, today’s digital businesses need to do more than enforce employee access to corporate applications and data. They need to pay attention to access of employers, partners, and customers in hybrid environments that encompass cloud, on-premise, mobile, and SaaS applications.
A new balancing act
The General Data Protection Regulation (GDPR) has created a need for greater integration of security and privacy. Even though this regulation only applies to data for EU citizens, it is quickly impacting IAM best practices everywhere, making it more important for businesses to respond to employee demands for the way their data is managed, while ensuring their privacy.
Not enough experts
Clearly, the demand for IAM capabilities will increase, but that growing demand is also creating a shortage of IAM professionals, according to Forrester, which reports that 40% of respondents to its 2017 Data Global Business Technographics® Security Survey expect their IAM budgets to grow.
Identity solutions for you
Your IAM solution should include partner software with RF IDeas readers to lock down access controls and establish privilege access so employees only have access to the systems and information they need to effectively do their jobs and only for the necessary duration.
RF IDeas offers a complete family of badge readers to meet your need for error-free identification—and with flexible configurations and multiple form factors to meet your IAM requirements. These readers can help you take your IAM program to the next level, supporting the enterprise as you adapt your IAM strategies to address mobile credentials for logical access and authentication. For more information contact BlueStar Europe, which can create your total secure identity solution.
Samantha is BlueStar's Digital Media Specialist, and the primary contributing writer for VartechNation.
Previously, she has worked as a Public Relations Associate and a Social Media Manager.