What does the future hold for Identity Management?

Identity and Access Management (IAM) is no longer the sole preserve of highly technical staff in corporate IT departments. The modern security, risk management and compliance-driven enterprise environment requires the non-technical business executive to actively participate in IAM functions to manage who has access to what, where and how.

Securing the Enterprise

A recent survey by Dell found that organisations are ill-prepared against new and emerging cyber security threats. The Global Security survey found that of the 1,440 IT decision-makers it surveyed only 37% view unknown threats as a key security issue in the next five years.

While 4 out of 5 respondents said they have security processes in place to help them identify a security breach, 40% of respondents do not believe their current infrastructure adequately protects them from cyber-attack.

Top areas identified by the report as being security concerns include:

  • BYOD – Just under half (44%) said BYOD security policies are highly important and over half (57%) said increasing mobile devices are a top concern in the next five years.
  • Cloud Computing – Nearly 3 out of 4 respondents use the cloud but as Tech Republic notes: “Among those organizations that said IT security is a top concern for the next year, 86% are using cloud services.”
  • Internet usage – Nearly two-thirds of respondents expressed concern over the increased use of internet over the next five years. Twenty per cent expressed concern about public Wi-Fi.

Factoring Identity Management into Enterprise Security

A recent report by Forrester posits that the future of identity and access management market will lie in the consumer sector. The Navigate The Future Of Identity And Access Management report published in April 2014 cites Forrester Security Survey’s findings, namely, how 56& of IT security professionals have put in place consumer identity and fraud management measures with a significant proportion of these also moving into the IAM area.

When asked about authentication methods, many organisations said they still used single-factor authentication like username and password (83%) alongside challenge questions (62%) or email links (58%) to protect their consumer facing web portals.

Summarising the report, SecureID news says:

“Threats to security aren’t going away, and weak authentication, authorization and fraud detection capabilities only add to the growing risk. Clients all to often reuse passwords in an attempt to simulate single sign-on, but this method leaves the client much more vulnerable to attack than true single sign-on.

“Consumer sites can be made vulnerable by a number of factors, but Forrester states that its respondents found that privacy issues, loss of consumer trust and regulatory compliance are the top three threats to their consumer portals. Moreover, some 70% of respondents rated their level of concern for each of these threats as a four or five on a five-point scale, while an additional 59% cited concern regarding loss of business due to poor customer experience.”

Poor authentication and the rise of big data make the need for robust identity and access management security all the more a vital concern for corporate IT departments. Forrester’s research goes some length in setting out the value proposition for IAM for consumer-facing organisation. Without it, enterprises risk affecting their bottom line.

Join Whitehall Media at our 9th biannual Identity Management conference on 18 June 2014 to learn more about the latest tools and technologies in the Identity and Access Management (IAM) space. For a full conference agenda and to register your place to attend, visit: www.whitehallmedia.co.uk/idm.