Identity and Access Management
The identity and access management market continues to grow in a wide variety of industries of all sizes. As has been much discussed in many headlines, this is primarily because of three main reasons: 1) It is much more cost effective to implement than in past years; 2) Solutions can be implemented fairly quickly, and 3) Companies have realized the great benefits IAM solutions bring to their organization.
As the IAM market continues to grow, the solutions have become more advanced to meet the changing needs of the many different organizations and the unique challenges that they face. These solutions are not just basic account creation and password management anymore. They have evolved to handle the various types of employees and industries and still continue to progress and grow.
Let’s take a look at some of the newer advancements made in the IAM market that were created to meet the needs of these industries. The following are two advancements that came directly from trends in the market.
Password management for remote employees
One newer trend is employees working remotely. Users don’t always work in the office or on the company’s network. Though they are not in the office, they encounter similar, but somewhat different, issues as employees in the office. One newer solution to a specific problem has been to make the login process for remote workers more efficient and easy. Think of an employee who is quickly trying to gain access on their smartphone or tablet. To open each application in a new tab and enter credentials is an extremely time-consuming process.
A solution that was developed to easily mitigate this issue is cloud-based single sign-on solutions. Users can easily access a portal where all applications they are authorized to access are available. They simply provide a single set of credentials for authentication and can then access their applications by simply clicking on the icon. This allows them to access their applications from anywhere that they are working, whether inside or outside of the company’s network from one place.
This is also extremely convenient for users who are using mobile devices. Many vendors offer the ability for users to download an app on their device. The app will prompt the user to enter a single set of credentials to get to the portal where they can access their applications. For users who are on the go, and use tablets or smartphones, this can be of tremendous benefit. They can access what they need, from anywhere, at any time, without having the inconvenience of authenticating to multiple applications.
While this type of solution is very convenient for remote employees, it is also helpful for many different industries. For example, in education, where students complete a large majority of their work outside of the school’s network and often use many mobile devices.
Security of access rights
Another trend and growing requirement of organizations in the last couple of years is ensuring security when it comes to access rights in the network. While security has always been a top concern, there has been an increased need to ensure the network is secure from the inside and that employees cannot access system and applications with sensitive data unless their job requires it.
This can be achieved with access governance solutions that have become more available in recent years. Access governance ensures that each employee within the organization have the correct access rights to the exact resources that they need. This is important for many reasons including for employees to efficiently perform their jobs and to keep the company’s network secure.
The company first needs to set up a model of exactly which access rights each role in the organization should have. For example, someone working as a manager in the IT department will need certain access rights to systems, applications and resources. By utilizing access governance, it can be ensured that when the account is created it is done so without accidentally making any access mistakes; either giving the employee too many rights or too few rights. This ensures that the employee receives exactly the correct rights that they need and in a timely manner.
Additional methods and modules have also been developed to further mitigate any security issues of access rights.
Reconciliation is another way to ensure absolutely correct access rights. This module compares how access rights are set up to be in the model to how they actually are and creates a report on any differences. Anything that is not accurate can then be easily corrected.
Attestation is another form of checking access and goes one step further — regular verification that everything is correct. A report is sent out to managers of a department showing their employees and their access rights requiring them to verify accuracy. For example, the marketing manager will receive a report on the access rights of everyone in the marketing department. He or she will need to review and either mark access rights for deletion, change access right directly or create a ticket in the helpdesk system to change the access right. After looking everything over the manager must give his or her final approval for the proposed set of changes to ensure that everything is correct.
These are some of the newer trends in IAM that vendors have developed to meet changing needs of organizations. But what about other trends in IAM? Will the industry continue to grow?
Of course; as trends develop so do problems and solutions in the identity and access management space. For example, for remote workers there are still issues that an IAM solution would resolve. Working in the cloud and remotely brings about unique challenges for account and password management since they are occurring outside of the company’s network. As trends change and develop, the IAM marketing will continue to transform to meet the needs of different employees and industries that utilize the solutions.
By Dean Wiech
Dean Wiech is managing director at Tools4ever US. Tools4ever supplies a variety of software products and integrated consultancy services involving identity management, such as user provisioning, role-based access control, password management, single sign on and access management solutions.