Identity and access management: 5 things to watch out for
By Digital News Asia January 22, 2015
- Security will shift from an ‘IT problem’ to an ‘executive problem’
- Mobility and IoT to drive emergence of API-first architectures
CA Technologies said there were five key trends in security and identity and access management that will impact organisations and security professionals in 2015 as they compete in the application economy.
“The economic impact of data and security breaches coupled with the increasing demand of application delivery and top performance in an application economy, will greatly influence the way security professionals view and approach identity and access management in 2015,” said Vic Mankotia (pic), vice president of Solution Strategy, Asia Pacific & Japan, at CA Technologies.
The trends to watch out for are:
1) Identity-aware organisations will adopt an ‘identity dial tone’
The application economy and increased use of mobile apps is driving a need for a centralised, common way to access identity and entitlement information, CA Technologies said in a statement.
Identity-aware organisations need to establish an ‘identity dial tone’ to act as one source of identity truth to simplify app development, deployment and adoption as well as spur new innovation.
It will encompass all apps, across all channels and be easily available using identity APIs (applications programming interfaces).
2) Universal authentication comes to your pocket or bag
Increasingly, the mobile phone or mobile device will be used as a universal authenticator. The increased focus on authentication, driven by government and banking regulations, chip and PIN (personal identity number)/ signature technology, biometrics and new payment models will drive the demand for simpler and streamlined authentication.
Organisations will strive for ‘zero-touch authentication’ to deliver as frictionless and password-free an experience for their customers and employees as possible, and the mobile device will be a key element.
3) A shift from identity management to identity access security
A change in emphasis within the identity market will occur, based primarily on the impacts of last year’s breaches. The emphasis will shift from basic identity administration to identity security.
The majority of 2014 headline breaches hinged on compromised insider identities that opened organisations to data theft and application abuse, CA Technologies said.
Protecting organisations against rogue or compromised insider identities will require new kinds of identity and access security that is intelligent, contextual and verifiable.
4) Mobility and the IoT will drive the emergence of API-first architectures
The continued rise of mobile apps and the Internet of Things (IoT) will drive a move towards lighter-weight, API-first architectures in order to more easily connect into the digital ecosystem.
These architectures will be better able to support the large array of user types that need to access apps and data on-premises or in the cloud and across a range of device types.
An API-first architecture is what will provide the agility and flexibility that success in the app economy requires.
5) Boards of directors will have increased visibility and involvement into the corporate security strategy
Corporate executives and boards increasingly will be held accountable for breaches that damage their corporate brand. This will increase their level of involvement in security strategy and governance.
Security will shift from an ‘IT problem’ to an ‘executive problem.’ Concerns over ‘denial of business’ will drive increased board oversight, CA Technologies predicts.
Security no longer about ‘no,’ but ‘know’
Adaptive identities coming to forefront of security: RSA
Data security and the biometric single sign-on advantage
Linguistics, technology and protecting your data
NSA spying revelations, POS breaches affect corporate security strategies
For more technology news and the latest updates, follow us on Twitter, LinkedIn or Like us on Facebook.