The Transform Technology Summits start October 13th with Low-Code/No Code: Enabling Endeavor Agility. Register now!
A rash of cyberattacks has renewed attention on identity and access management (IAM), which is experiencing a surge in demand across enterprises today. Development in such tools is driven by organizations’ want to defend and develop virtual workforces whereas securing digital transformation initiatives.
A locate at the trends influencing IAM is in declare, and such a view is afforded by a latest Forrester locate called “The Top Trends Shaping Identity And Access Management In 2021.”
Written by Forrester analysts Sean Ryan and Andras Cser, the locate affords insights into seven key trends defining the IAM market in 2021. IAM has an integral position in zero belief security frameworks, helping to be certain that least privileged access to proprietary data and programs.
The Forrester locate’s seven key trends emphasize that it’s time for enterprises and the CISOs supporting them to reprioritize their IAM roadmaps. That is because of how fast the identity and access management and related governance tool landscape is changing today. The following is an assessment of Forrester’s seven trends defining IAM this year:
Identity and access management gets recognize
Spending on IAM solutions accelerated like a flash in the 2nd half of 2020, driven by many organizations’ want to toughen business continuity and defend workers. The pandemic caught many organizations unprepared for the scale and sophistication of cyberattacks on virtual workforces. With bad actors on the hunt for privileged access credentials that would enable lateral saunter across a breached organization, cybersecurity teams worked nonstop in many instances to launch two-factor authentication (2FA). Forrester predicts that IAM development will continue to accelerate in 2021. The firm’s research found that 61% of security decision-makers plan to increase their IAM budget in 2021, with 32% expecting to increase by 5% or extra.
Passwordless gets real
Forrester predicted passwordless authentication would sprint mainstream a year ago, mentioning the skills in its file “Top Trends Shaping IAM In 2020.” Forrester sees passwordless authentication progressing from hype to adoption. Fifty-two p.c of security decision-makers say their firm has already applied 2FA or passwordless authentication for workers. The research estimates 31% have been implementing a form of in 2020 or had plans to implement in 2021. Virtual teams want a zero belief-based approach to passwordless authentication to stay steady, ensuring that bad internal actors don’t misuse privileged access credentials and that bad external actors don’t get a chance to steal them. Verizon’s 2021 Data Breach Investigations Document found that privilege abuse is the leading cause of breaches today. Stopping privileged access abuse starts by designing a passwordless authentication system that is so intuitive customers aren’t frustrated using it whereas providing adaptive authentication on any cell machine. Ivanti’s Zero Sign-On (ZSO) approach to combining passwordless authentication and zero belief on its unified endpoint management (UEM) platform indicates how vendors are responding. It makes use of biometrics, including Apple’s Face ID, as the secondary authentication factor for gaining access to personal and shared corporate accounts, data, and programs. Additional passwordless authentication companies include Microsoft Azure Active Directory (Azure AD), OneLogin Staff Identity, and Thales SafeNet Trusted Access.
IAM programs develop into extra agile
Inflexible, inefficient approaches to defining position, policy, or attribute-based access sustain watch over for privileged identity management, governance, and person directories want an overhaul. Legacy approaches to access controls are leaving too many gaps at the position-stage for bad actors — both internal and external to an organization — to exploit. As a consequence, Forrester finds that agile software pattern frameworks are becoming extra commonplace in IAM pattern and deployment. That’s great news for security and danger professionals who have worked to adopt a extra suitable-in-time (JIT) approach to access workflows in declare to streamline how cloud platforms and software-as-a-provider (SaaS) app durations grant person identity access privileges on the cruise.
The scale-out of nonhuman identities explodes
For over a year, Forrester has been predicting that the variety of nonhuman identities across many enterprises will develop at extra than twice the pace of human identities. Forrester defines nonhuman identities as “assisted and unassisted bots, provider accounts, cloud automation and APIs, internet-of-things (IoT) devices, and robots.” Forrester also found that software bots are expanding across customer provider, finance, and IT departments for automation. That comes in the face of major uptake in use of robotic course of automation (RPA). In addition, Amazon Web Companies, Microsoft Azure, the Google Cloud Platform, and many other public cloud platforms depend widely on machine identities to get tasks, a factor Forrester says contributes to the exponential increase in nonhuman identities. Leading vendors providing IAM for machine identities include AppViewX, ThyocoticCentrify, HashiCorp, Keyfactor, and Venafi, all of which are conventional in active zero belief frameworks across organizations today.
IAM suite companies expand
Cloud-based IAM suites are gaining in popularity across enterprises because they supply pre-integrated stacks that streamline integration, ongoing maintenance, and procurement, according to Forrester. Cloud-based IAM delivery get factors (IDaaS or managed products and companies) also gasoline the creation of IAM suites thru added hybrid reinforce, giving organizations the freedom to flip on contemporary features as wished. In addition, the file points to the latest sequence of acquisitions, including CyberArk acquiring Idaptive, Okta buying ScaleFT and Auth0, and Ping acquiring UnboundID and Symphonic. Forrester believes the acquisitions are driving a extra horizontal expansion of IAM.
Community, endpoint, and data security
Forrester is seeing in client organizations how firewalls, internet application firewalls, and steady internet gateways lack an integrated identity theory across their core policies, specifically in the areas of network endpoints and payload inspection. As a consequence, they’re recommending their purchasers take a extra granular and dynamic network access approach based on zero belief edge (ZTE), which links network traffic and activity to smartly-identified, authenticated, and authorized customers (human and machine identities). Leading solutions in this area include Ericom Software’s ZTEdge platform, which combines microsegmentation, zero belief network access (ZTNA), steady internet gateway (SWG) with distant browser isolation (RBI), and ML-enabled identity and access management.
Customer identity doubles down on analytics
Forrester says finish-person purchasers in IT security, marketing, lines of business (LOB), and application pattern are saying that customer identity and access management (CIAM) programs now require access policy enforcement and total person management. Marketing and digital product professionals want extra exact, identity-relate data to fine-tune marketing campaigns and measure their effectiveness. CIAM platforms can provide beneficial identity analytics and consent management audit data, all aimed at excelling at compliance and being a responsive resource for customers. It’s up to security and danger professionals to deploy a CIAM platform if those goals are to be achieved.
Forrester’s locate at IAM trends affords security and danger professionals with insights into how IAM is changing. This rapid change ought to be considered as part of a broader cybersecurity strategy. Managers must take display of the exponential increase in nonhuman identities due to cloud platforms’ reliance on machine-to-machine integration and adapt to the pressing want enterprises have to define their IAM strategy for managing them. Anticipate IAM budgets to continue increasing as the scale and variety of threats to virtual workforces escalate. These are trends to sustain top of mind as organizations pivot to launch contemporary digital-first selling and provider strategies and other digital transformation efforts.
VentureBeat’s mission is to be a digital town square for technical decision-makers to gain information about transformative skills and transact.
Our status delivers essential information on data applied sciences and strategies to information you as you lead your organizations. We invite you to develop into a member of our neighborhood, to access:
up-to-date information on the matters of interest to you
gated belief-leader bid material and discounted access to our prized occasions, such as Transform 2021: Learn More
networking features, and extra
Grow to be a member