Interest in IAM solutions has increased substantially over the past few years, as the perpetrators of many high profile breaches have exploited stolen credentials to steal sensitive data and inflict damage on their victim organizations. And, as the popularity of IAM solutions has increased, the solutions are evolving. Once one-size-fits-all IAM products forced their customers’ processes to bend to the product’s requirements. Now, flexibility is replacing rigidity as the governing concept, as IAM solutions – now more accurately described as IAG – are molded to accommodate the established business processes of the user. As the ecosystem IAM products must account for – mobile devices, cloud services, federated users, etc. – expands in complexity, single-product approaches will be challenged. Solutions deployed into existing environments designed to automate existing processes, not modify them, are likely to gain popularity. These “IAM-lite” solutions that allow controls to be extended from the enterprise to hosted services and applications are likely to flourish in this rapidly evolving marketplace.
Don’t miss a post! Subscribe to The Insider Threat Security Blog here:
Brad Bussie is an award winning fifteen year veteran of the information security industry. He holds an undergraduate degree in information systems security and an MBA in technology management. Brad possesses premier certifications from multiple vendors, including the CISSP from ISC2. He has a deep background architecting solutions for identity management, governance, recovery, migration, audit, and compliance. Brad has spoken at industry events around the globe and has helped commercial, federal, intelligence, and DoD customers solve complex security issues.