Gartner IAM Summit

The Gartner IAM Summit in London last week put the spotlight on digital identities and how best to morph standards and infrastructures to support both people and things, commonly referred to as the Internet of Everything (IoE).   Whether the answer is a more people-centric security approach as advocated by one Gartner researcher, or any of 5 different platform approaches, as advocated by another Gartner analyst – security experts agree the Internet of Things (IoT) is an identity management challenge that must be addressed.

Security Concerns

We thought it would be helpful to size the level of concern among IT executives.  Turns out they’re tremendously concerned.   An independent survey commissioned by GlobalSign that was released immediately prior to the event shows that some 90% of senior IT leaders at organizations with over 1000 employees, surveyed in the US and the UK said they were either somewhat concerned, very concerned, or extremely concerned about their organizations’ identity relationship and access management (IRAM) capabilities.   The Bring Your Own Device (BYOD) trend, the fact more employees working from home, smart electronics and wearables allow more physical devices to act as conduits to corporate networks – further expands the potential security risk.

The US appeared to show greater concern, with 66% of the IT executives surveyed ranking identity and network access as a matter over which they are either extremely or strongly concerned – with 21% of them rating their concern as extreme.   In contrast only 23% of UK respondents — nearly one-third of the US level — stated they were strongly or extremely concerned, with only 3% in the UK saying they were extremely concerned.  The survey was performed by technology market research firm Vanson Bourne in late January 2015.

Not surprisingly, results across four key vertical sectors showed that nearly twice the number of IT executives at financial services firms were extremely concerned than their peer respondents in the manufacturing, retail or other sectors.  Results were consistent across company size – the survey assessed companies with between 1000 and 3000 employees, and those with over 3000 employees.

The Internet of Everything Era

More importantly, the concern about identities in the IoE era is being reflected in IT budgets. The just released TechTarget/Computerweekly IT Spending Priorities study ranked IAM as the #1 spending priority of UK and European firms this year, with 36% of UK IT managers and 33% in Europe planning IAM initiatives. GlobalSign’s Finland-based IAM team found that some 40% of the top 500 companies in Finland plan to improve IT infrastructure and e-Services with identity and access management within 12 months.

Mobile standards such as Oauth as well as existing solutions such as the use of enterprise PKI services were also part of the Gartner IAM discussion.   The event spotlighted newer delivery models such as “Security as-a-Service” offerings and other innovations that streamline IAM deployments from the typical six months down to just weeks – so that the lengthy build-out cycles associated with these solutions do not act as an impediment to their more widespread adoption.

While the Gartner IAM Summit addressed new technologies, case studies and recommendations for success, it acknowledged there is still work to be done on the identities front.  But we remain optimistic about the IoE for good reason: new research from Verizon suggests that by 2025 the firms that embrace the IoE will become 10% more profitable.   Now there’s a data point around which just about every firm can find agreement.

By Petteri Ihalainen