The road ahead with IAM for modern workplaces

Moving past the notion that identity is purely human-centric, next-gen IAM solutions are now expanding towards identifying and securing non-human identities such as workloads, serverless functions, cloud services, connected devices, IoT devices, and bots.
  • Updated On Feb 24, 2022 at 05:56 PM IST
By Priya Kanduri


Widespread digital transformation and cloud adoption, coupled with rising demand for a diverse and remote workforce, have dissolved the physical and network barriers that once protected an organisation’s most valuable assets. This has propelled organisations to secure their IT landscape with a sharp focus on identity, which has quickly established itself as the new perimeter. Pioneering enterprises have already started strengthening the foundation of their cybersecurity through Identity and Access Management (IAM).

In India alone, the cybersecurity services and product industry had a combined revenue of USD 9.8 billion at a CAGR of almost 40 percent in 2021, according to the recent report India Cybersecurity Industry Report – Services & Product Growth Story. IAM solutions in 2022 will revolve not just around identities but around much more.

The very foundation of a strong IAM program is a well-defined, structured and thought-out IDAM strategy. An organisation should take into consideration current identity risks, challenges and technology trends while defining the enterprise IAM strategy. From establishing appropriate multi-factor authentication to leveraging artificial intelligence (AI) and machine learning (ML) to ensure a foolproof, secure network, highlighted below are the key trends that should be considered while defining your IAM strategy in 2022:

Zero Trust Architecture

A Zero Trust Architecture (ZTA) is an architectural framework and approach for strengthening enterprise cybersecurity. Its underlying principle is “Never Trust, Always Verify”: it assumes that each request for activity or access is unknown and untrusted. Accordingly, the enterprise IAM strategy must apply zero trust to all connection requests and treat them as potentially hostile, ensuring each access is strongly authenticated, authorized with least privilege, continuously verified, and monitored for anomalous activity. Although the zero-trust principle is recommended across all five fundamental areas (users, network, data, devices and applications), the trends towards perimeter-less networks, micro-segmentation and heterogeneous infrastructure leave identity as the only constant. Identity-centric zero trust, as the basis of ZTA adoption, should therefore be part of the overall IT and cyber strategy going forward.

User life cycle management for non-human Identities

Non-human identities are touted as the new blind spots in your cybersecurity armour, mainly because they are growing twice as fast as human identities on enterprise networks. Moving past the notion that identity is purely human-centric, next-gen IAM solutions are now expanding towards identifying and securing these non-human identities (think workloads, serverless functions, cloud services, connected devices, IoT devices and bots). It is becoming common for enterprises to lose track of the number of bots being created and launched, giving malicious actors the perfect cover to mask their actions. While the threat to sensitive company data through these non-human identities is quite apparent, evolving controls in privileged identity management, identity management and governance, and key management for non-human (machine) identities are effective at eliminating risks and should be taken into account while defining an enterprise’s IAM strategy.

Passwordless is the future
Known as the most common tool to verify a person’s identity, passwords are the least secure mode of authentication. Biometrics, one-time codes, and similar methods will see a rise in adoption in 2022. Gartner predicts that 60% of large, global enterprises and 90% of mid-size enterprises will implement password-less methods in more than 50% of use cases by 2022.

There is a need for enterprises to move beyond password policies by potentially eliminating the use of passwords and quickly adopting advanced approaches such as Multifactor Authentication (MFA) and Single Sign-On (SSO). Fast IDentity Online 2 (FIDO2) is another password-less authentication method, an unphishable one, that is gaining prominence and is said to have a bright future in securing user access. It should therefore be taken into account while choosing IAM tools and technologies.

Behaviour tells all
Behavioural biometrics closely monitors user authentication for fraudulent activity, relying heavily on cognitive behaviour and user patterns to detect changes and alert administrators. The future of behavioural biometrics involves leveraging AI/ML to provide continuous behavioural authentication for maximum security. Authentication that recognizes identity from a user's keystrokes (their frequency and pattern), swipe patterns and movement patterns is a state-of-the-art method powered by behavioural biometrics.

Constant monitoring of user behaviour by re-authenticating access periodically throughout a login session, instead of only at the initial login, is the way forward. Another method, adaptive authentication, dives deeper into the user’s location, time, and type of device and network to detect fraudulent activities. Financial institutions have already adopted these methods, which are not just insightful but also a great resource for fraud prevention.

Self-sovereign identity

With the rise of blockchain, Self-Sovereign Identity (SSI) has gathered momentum. With users having full control over their accounts and personal data, SSI has the potential to move beyond emails and shift to an era of interoperable, secure messaging. Widespread adoption of SSI will put control of digital identities back in the hands of individuals.

AI/ML at the core of IAM solutions
While AI/ML has revolutionised several industries in the last few years, it is set to play a significant role in the future of Identity Governance. Its ability to recognize patterns and expand knowledge will prove of prime importance to IAM strategies in the future. Cyberattacks have evolved over the years and happen faster with greater precision. AI/ML stands the best chance of keeping up with such meticulous cyberattacks, as it doesn’t just outsmart attackers but can even predict attacks through constant learning. Businesses will have to continue leveraging AI/ML capabilities for continuous authentication and real-time fraud detection.

CIAM
B2C businesses are required to build and enhance their customers’ journey or interaction through Customer Identity Access Management (CIAM). The most stringent policies, such as multifactor authentication, may not work here, since customers are on a constant lookout for a seamless and user-friendly interface.

Maintaining a consistent brand experience, supporting multiple languages on platforms, and building a user’s profile over time are some of the key aspects for which B2C businesses can leverage CIAM to improve consumer engagement. Through a mapped-out CIAM strategy, businesses can secure as well as enhance user experience and revenues to a great extent through CIAM’s unified and consistent consumer experience across all channels.

Cloud Infrastructure Entitlement Management

Businesses face a growing number of security failures that stem from weak management of privileged identities with unmanaged permissions and access rights to cloud resources. Cloud management needs advanced and robust surveillance to handle the density of permissions granted to each identity.

Cloud Infrastructure Entitlement Management (CIEM) solutions give enterprises visibility into unnecessary privileges and the ability to appropriately manage the present and past activity of human and non-human identities with excessive permissions to cloud resources.

For a robust system, enterprises need to leverage the potential of CIEM solutions that provide Artificial Intelligence-based analysis and assessment tools to smartly identify and rank risks in real time. CIEM goes beyond the traditional IAM approach of just managing identities: it manages permission risks, continuously and in real time, to prevent cloud breaches and data theft across multiple clouds, reducing the workload of security teams.

It is imperative that companies start treating their identities and entitlements as their boundary; failing to recognize excessive permissions will jeopardise their security framework.

According to Gartner, the IAM market is expected to reach 19 billion dollars by 2024, which is a significant rise from the current 13.7 billion dollars in 2021. Defining and managing device identity in the constantly evolving Internet of Things (IoT) environment has become a top priority for organisations.

IAM strategies that are designed while keeping the core business objectives in mind will protect organisations. As remote or hybrid work continues to be a part of the future working culture, companies ensuring that the workforce functions productively and securely will make organisations adaptive and resilient to prosper even during such changing times.

The author is VP, CTO, Infrastructure Management & Cyber Security Services at Happiest Minds Technologies.

DISCLAIMER: The views expressed are solely of the author and ETCISO.in does not necessarily subscribe to it.
ETCISO.in shall not be responsible for any damage caused to any person/organisation directly or indirectly.

  • Published On Feb 24, 2022 at 05:53 PM IST