IAM: What the World is Saying


If you are a business pulling through the post-pandemic years and harnessing the potential of digital workspaces and marketplaces, identity management and access management are no longer an option – they are a necessity.

It is the fundamental protection measure for the company’s digital resources, including networks, applications, and organizational and user data. Without robust identity and access management systems to verify a user’s identity and role, a business leaves the doors open for instances of unauthorized access that lead to serious data breaches and severe legal penalties.

Therefore, business and IT leaders must keep updated with the growing trends, concerns, and emerging threats around the development of effective IAM systems.

No More Passwords

Passwordless authentication remains the aspect of IAM that business leaders must take on board. Until now, most multifactor tools have required consumers to use third-party apps or purchase additional software.

Having a singular password for multiple employees or having those with access management choose their passwords is a seriously dangerous outdated policy. Fingerprint or facial recognition software has been on the rise since the pandemic period, with biometrics extremely hard to replicate to a successful level.

Know Your Customer/Anti-Money Laundering

Know Your Customer and Anti Money Laundering mandates are no longer the exclusive push of financial institutions and government agencies. Today, they are a focus of enterprise identity and access management.

Following security breaches at MGM and Caesars that were rife with phishing and ransomware attacks, these standards are stepping out of emerging trends to become a vital component of IAM in all sectors. IAM is both a shield and a target, and lately, identity complexity and size have drawn larger numbers of bad actors.

The Caesars hack is a prime example of how the gaps in identity security are opening the vaults to cyber criminals.

Cyber Insurance Risk Management

Companies should be leveraging proper IAM hygiene to reduce the premiums on their cyber insurance. Brokers and providers of cyber insurance look into critical IAM areas around governance, privileged access and recertifications when determining a company’s risk. They also look into critical account protection and least privilege access.

Another area that could be on the docket is bad actors using generative AI in identity management. AI is enabling more sophisticated hackers to impersonate key individuals, with the lower cost and inconvenience bound to appeal to less sophisticated attackers in due course.

With enterprise security and identity management a key focus of our future identity management event, check out the upcoming events from Whitehall Media.