Trends in IAM – A Look-in

Reader's Pick

With the new normal after the Covid pandemic, the Digital Security space in general and Identity and Access Management (IDAM) in particular has become a core topic of focus amongst corporates, government organizations, and individuals the world over.  

According to a Gartner study conducted in June 2020, Identity and Access Management spend worldwide this year (2019-20) is going to be 10.4 billion dollars which is a 5.8% increase from last year, whilst the overall security-related spending (covering the areas of Application Security, Data Security, Infrastructure Protection, Risk Management, Cloud Security, Network Security, Security Services combined) world-wide is going to see a growth of only 2.4% from last year.

Why there is an increase in IDAM spends this year? 

- Advertisement -

The primary reason being, increase in access to corporate assets & applications by genuine corporate users, from outside the corporate firewalls.   This could be primarily attributed to the work from home option given to corporate employees, due to the Covid pandemic.   Corporates want to make sure all their IAM systems are protected.

What could be some typical applications that are being accessed?

Some examples could be firewalls, ERP, CRM, Java/Dot Net, Legacy, Custom, Home-grown Applications, SaaS Applications, etc.

What is the common question that occurs to everyone, when we think of Identity and Access:

How can a person with the wrong identity should not have the right access or How can a person with a genuine identity (and access) go through such a maze of integrated systems (like Firewall, ERP, CRM, etc. systems) of his/her organization or even across other connected organizations in a secure way and gets his/her tasks accomplished, without a hacker stealing his access rights? 

- Advertisement -

What could go wrong if these applications accesses are hacked or compromised (either within or across organizations)?  

Admin/Root credentials of critical systems falling into the wrong hands, tokens being phished out and used for wrong purposes, user accounts of hackers getting created (as though they are genuine users) in the target applications enabling the hacker to gain access like a regular user, could be some disasters that are waiting to happen.   These hack-ins could cause potentially millions to billions of dollars lost in operating revenue of a major enterprise, if not attended to properly.

So, how does a typically Secure IDAM solution help in mitigating these risks? 

Primarily in two ways.  By establishing trust between these applications/systems and the user.  The second is by way of automating so that any policy that is validating the trust between the applications, is executed automatically resulting in a go or no-go decision regarding the user access to the applications.

How are these 2 objectives achieved by modern IAM systems? 

Primarily the application (say Application A) that needs to grant access will communicate the terms of such access to the application (say Application B) from where the user is requesting access.  Once the terms are agreed upon by both applications, they make sure they communicate the credentials (say a password or a token or a secret key or encrypted payload that contains the user information) automatically between them to make a ‘Go’ or ‘No Go’ decision regarding the access.

Summarizing, we see that enterprises worldwide are focusing on securing their identity-based access mgmt. systems post-Covid, as institutional access to genuine systems, has increased to a great extent, and hence proportionately their IAM spends are also increasing.  

Given this scenario, we see that even though the IDAM systems are maturing, we also see a trend where organizations are increasingly going for Identity support contracts to protect the systems (on a 24×7 basis) even after they have deployed a secure, integrated IDAM solution either in the cloud or on-premise.   This they do to make sure APIs, Connectors, keys, secrets, ports, payloads, user accounts, identity-based token transport are operating at the most secure level.  

But still, there will be a constant need for more innovative solutions to address the risks that are cropping up, as hackers are getting more inventive daily.  But for now, we can say we are systematically covering these risks with the help of modern IDAM solutions.

- Advertisement -
Raj Srinivas
Raj Srinivas
Primarily from a strong security and product engineering background, he has been the principal architect of MISP (Multi-Domain Identity Services Platform) & CIE (Cloud ID Exchange) – in-house IAM & Security products at 8K Miles.

Latest News

Promoted Links

Related Stories

Bank of Japan keeps monetary policy steady, brings new forward guidance on rates

The Bank of Japan kept its monetary policy steady on Thursday but introduced new...

Employees union seeks FIR against Jet Airways boss Naresh Goyal, Vinay Dube and on SBI Chairman

The employee union of Jet Airways, which is facing its worst crisis, Friday sought...

Japan approves 26 trillion yen as economic stimulus package to combat overseas risks

Japan's cabinet approved an economic stimulus package worth 26 trillion yen ($239 billion) with...

Samsung Electronics asks its shareholders to use electronic voting for upcoming AGM

Technology giant Samsung Electronics has adopted electronic voting for the first time ever for...

Rahul Gandhi hits on RCEP says, ‘Make in India’ has become ‘Buy from China’

Asserting that "Make in India" has become "Buy from China," Congress leader Rahul Gandhi...

Ampere Electric to setup e-mobility manufacturing plant in Tamil Nadu

Electric Mobility Company Ampere Electric has announced a phased investment potential of Rs 700...

COVID-19: Amazon India partners with Acko General Insurance to offer free health insurance to sellers

India's leading e-commerce company Amazon India on Wednesday announced its partnership with Acko General...

1Win App: Review India Apk for Android and iOS

The company 1Win has been successfully operating in the markets of many countries around...

Why You Need to Be Serious About Cybersecurity for Your Business

The digital age has redefined how businesses communicate, advertise, and share information. Cyber threats...

Feeding India through Ads: A TechGraph Campaign to feed India

As the second wave of Coronavirus (COVID-19) has affected millions of families in India,...

Play Ventures leads $4.1 Mn series seed round for INCRMNTAL

Israel-based incrementality measurement platform, INCRMNTAL has raised $4.1 million in series seed round funding...

PickMyWork snaps $1 Mn in series seed round

PickMyWork, an India-based startup that assists digital companies to acquire end customers (individual users...

The benefits of chatbots in healthcare

The Pandemic has made significant improvements to healthcare services. Industry professionals had to switch...

Viber plans to roll out a new app-based payment feature

Rakuten Viber, a global leader in private and secure messaging and voice-based communication, is...