Identity & access management (IAM)
What is IAM?
- A set of business process and tools for providing access to the right resources at the right time for the right reasons. Providing visibility into who has access to what and why along with how the
access is being used.
- IAM is not just about protecting organisations against main threats such as insider threats and credential theft, it is also about business enablement and improving the end-user experience.
Why it matters
- According to a survey from The Identity Defined Security Alliance 94% of organizations have had an identity-related breach, which 99% believe could have been prevented.
The Move to the cloud and “as a Service models”
This will continue to evolve as tools become cloud-native and are true SaaS tools.
The use of machine learning and behavioral analytics
for a more dynamic or adaptive way of working where decisions are made in near real time.
Extending the role of identities and access
beyond people and traditional roles and entitlements
Identities are no longer limited to carbon-based units and are taking the form of devices (e.g. IoT) and applications (e.g. RPA).
Zero Trust Architecture (ZTA)
recognition of the insider as a key threat is forcing organizations to rethink the importance of identity and concepts such as the Principle of Least Privilege.