With the new normal after the Covid pandemic, the Digital Security space in general, and Identity and Access Management (IDAM) in particular, has become a core topic of focus amongst corporates, government organizations, and individuals the world over.
According to a Gartner study conducted in June 2020, worldwide Identity and Access Management spend this year (2019-20) is going to be 10.4 billion dollars, a 5.8% increase from last year, whilst overall security-related spending worldwide (covering Application Security, Data Security, Infrastructure Protection, Risk Management, Cloud Security, Network Security, and Security Services combined) is going to grow by only 2.4% from last year.
Why is there an increase in IDAM spend this year?
The primary reason is the increase in access to corporate assets and applications by genuine corporate users from outside the corporate firewalls. This can be attributed primarily to the work-from-home option given to corporate employees due to the Covid pandemic. Corporates want to make sure all their IAM systems are protected.
What could be some typical applications that are being accessed?
Some examples are firewalls, ERP, CRM, Java/.NET applications, legacy, custom and home-grown applications, SaaS applications, etc.
What is the common question that occurs to everyone when we think of Identity and Access?
How can we make sure that a person with the wrong identity does not get the right access? Or, how can a person with a genuine identity (and access) go through such a maze of integrated systems (firewall, ERP, CRM, etc.) of his/her organization, or even across other connected organizations, in a secure way and get his/her tasks accomplished without a hacker stealing his/her access rights?
What could go wrong if access to these applications is hacked or compromised (either within or across organizations)?
Admin/root credentials of critical systems falling into the wrong hands, tokens being phished and used for the wrong purposes, and hackers' user accounts being created in the target applications (as though they were genuine users) so that the hacker gains access like a regular user, are some of the disasters waiting to happen. If not attended to properly, these break-ins could potentially cost a major enterprise millions to billions of dollars in lost operating revenue.
So, how does a typical secure IDAM solution help in mitigating these risks?
Primarily in two ways. The first is by establishing trust between these applications/systems and the user. The second is by automation, so that any policy that validates the trust between the applications is executed automatically, resulting in a go or no-go decision regarding the user's access to the applications.
How are these two objectives achieved by modern IAM systems?
Primarily, the application that needs to grant access (say Application A) communicates the terms of such access to the application from which the user is requesting access (say Application B). Once both applications have agreed on the terms, they automatically communicate the credentials (say a password, a token, a secret key, or an encrypted payload that contains the user information) between them to make a ‘Go’ or ‘No Go’ decision regarding the access.
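The exchange described above can be sketched as follows. This is an added example, not code from the original article or from any IDAM product: Application B issues a signed token carrying the user information, and Application A applies the agreed terms automatically to reach a Go/No-Go decision. The HMAC shared key, the application names, the roles and the five-minute lifetime are all assumptions constructed for the illustration.

```python
import base64, hashlib, hmac, json

# Constructed "terms of access" assumed to be agreed between Application A
# (grants access) and Application B (where the user requests access).
TERMS = {
    "issuer": "application-b",            # hypothetical name
    "audience": "application-a",          # hypothetical name
    "max_lifetime_s": 300,                # assumed maximum token lifetime
    "allowed_roles": {"employee", "admin"},
    "key": b"constructed-demo-key-do-not-reuse",
}

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).decode()

def issue_token(user, role, now, lifetime_s=300, key=TERMS["key"]):
    """Application B: sign a payload that carries the user information."""
    claims = {"iss": TERMS["issuer"], "aud": TERMS["audience"],
              "sub": user, "role": role, "iat": now, "exp": now + lifetime_s}
    body = _b64(json.dumps(claims, sort_keys=True).encode())
    sig = _b64(hmac.new(key, body.encode(), hashlib.sha256).digest())
    return f"{body}.{sig}"

def decide(token, now):
    """Application A: apply the agreed terms, return (decision, detail)."""
    try:
        body, sig = token.split(".")
        expected = _b64(hmac.new(TERMS["key"], body.encode(),
                                 hashlib.sha256).digest())
        # Constant-time comparison; verify before trusting any claim.
        if not hmac.compare_digest(sig, expected):
            return "NO-GO", "bad signature"
        claims = json.loads(base64.urlsafe_b64decode(body))
    except (ValueError, TypeError):
        return "NO-GO", "malformed token"
    if claims.get("iss") != TERMS["issuer"] or claims.get("aud") != TERMS["audience"]:
        return "NO-GO", "wrong issuer or audience"
    if not (claims["iat"] <= now < claims["exp"]):
        return "NO-GO", "expired or not yet valid"
    if claims["exp"] - claims["iat"] > TERMS["max_lifetime_s"]:
        return "NO-GO", "lifetime exceeds agreed terms"
    if claims["role"] not in TERMS["allowed_roles"]:
        return "NO-GO", "role not permitted"
    return "GO", claims["sub"]
```

Production deployments normally rely on a standard federation protocol and asymmetric keys rather than a hand-rolled shared-key token; the sketch only shows where each agreed term is enforced.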
Summarizing, we see that enterprises worldwide are focusing on securing their identity-based access management systems post-Covid, as institutional access to genuine systems has increased to a great extent, and hence their IAM spend is increasing proportionately.
Given this scenario, even though IDAM systems are maturing, we also see a trend where organizations are increasingly going for identity support contracts to protect the systems (on a 24×7 basis) even after they have deployed a secure, integrated IDAM solution either in the cloud or on-premise. They do this to make sure APIs, connectors, keys, secrets, ports, payloads, user accounts, and identity-based token transport are operating at the most secure level.
But still, there will be a constant need for more innovative solutions to address the risks that are cropping up, as hackers are getting more inventive daily. But for now, we can say we are systematically covering these risks with the help of modern IDAM solutions.