The proliferation of smartphones, an increase in cybercrime, and the rising adoption of BYOD are cited by industry experts as the leading factors contributing to the booming demand for Identity and Access Management (IAM) solutions (Source: MarketWatch). So, what exactly is IAM, and what role does it play in minimizing cyber threats and data breaches?
Password management tools like the ones we discussed in our recent blog post, “Enterprise Password Management – What Cybercriminals Don’t Want You to Know,” are only part of the IAM toolbox. Most of the leading IAM technologies also include (but are not limited to) security policy enforcement applications, provisioning software, identity repositories, as well as reporting and monitoring applications. These tools give administrators the technologies they need to manage user roles, track activity, report on those activities, and enforce access policies. All of this provides a way to control user access across the entire organization while ensuring the organization complies with government regulations and corporate policies.
Industry experts predictions for IAM in 2020
Over the past few weeks, we’ve seen quite a few articles discussing the future of IAM solutions. Many expect to see some pretty dramatic improvements to identity technologies in the upcoming months and years. While we are not going to highlight all of the predictions, we do want to discuss two that seem to be on the list for many experts.
The beginning of the end for passwords?
As we mentioned in our last post, poor password management practices that make their way into the office dramatically increase the odds of business accounts being compromised. To combat this risk, some IAM providers are working on passwordless authentication methods that use biometrics or proof of possession factors like hardware tokens, one-time OTP, or mobile authenticator apps. Gartner predicts that by 2022 “60% of large and global enterprises, and 90% of midsize enterprises, will implement passwordless methods in more than 50% of use cases — up from 5% in 2018.” Companies implementing passwordless authentication methods will be more secure while also improving the overall user experience during the login process.
Are devices becoming first-class citizens?
The Internet of Things (IoT) complicates IAM due to the sheer number and types of connected devices and the amount of data that needs to be secured. Hackers recently created software specifically designed to break into Amazon Ring security cameras. The software works, too – they were able to gain access to a camera inside the residence of a Tennessee family and speak directly to one of the children in the home. Device providers will begin to prioritize security in earlier phases of development, seeking to beef up security at multiple levels. Analysts speculate that organizations will define secure, unique identities for devices by working with IAM vendors.
Where do we go from here?
The world of IAM is going to see some dramatic changes over the next few years. As cybersecurity, the Internet of Things, and identity management become even more critical to organizations of all sizes, the industry as a whole will need to work together to determine how to mitigate risks while providing excellent user experiences. That’s quite the ask! In the meantime, if your business is struggling with getting IAM solutions deployed, you need to talk to LanYap Networks. Give us a call! We’d love to help.