enterprisesecuritymag

5 IAM Security Trends to Watch for in 2021

By Nelson Cicchitto, Founder and CEO, Avatier Corporation

Identity management always has been a security concern, but identity access management (IAM) and identity governance and authentication (IGA) for remote workers will be the enterprise securityfocus in 2021. Due to the COVID-19 pandemic, work-from-home employeeshave become a target for hackers and cybercriminals and are the weak link in enterprise security.

Here are our top five predictions for IAM and IGA in 2021:           

1. Identity management is moving outside the enterprise.

To secure remote workers, IAM will span all enterprise access platforms. IAM tools are going to be incorporated into web browsers and mobile devices to provide secure access to corporate resources no matter how you log in.

Single sign-on (SSO) and multifactor authentication (MFA) will become incorporated into collaborative tools such as Microsoft Teams and Slack, web browsers such as Google Chrome and Microsoft Edge, and mobile platforms such as iOS and Android. Adding IAM to downstream applications also will enable centralized identity management, including account activation and provisioning, and push deployment and notifications.

2. Increased adoption of SSO

Requiring multiple login credentials will give way to one set of secure credentials. SSO increases efficiency and productivity, providing easy access to multiple applications while being inherently more secure since SSO uses MFA and protocols such as Kerberos and Security Access Markup Language (SAML).

SSO also simplifies managing user access, since one set of credentials can be used to define roles using active directories. Expect to see more IT professionals increasingly use SSO and active directories to handle secure provisioning and de-provisioning.

3. Mass adoption of access governance.

Tracking who has enterprise access is no longer enough. You also need to see what they are accessing and when for regulatory compliance. Expect to see a more sophisticated approach to IGA with automated workflows, real-time compliance management and certifications, and smart compliance management systems.

More focus will be placed on digital compliance and protecting data assets before, during, and after an attack, including real-time push notifications and access review.

4. Increased identity self-management

As SSO use increases and IAM is incorporated into user data access tools, expect to see users assume more control of identity management. IT managers will give department managers and users responsibility for routine IAM tasks.

Giving users the ability to reset their passwords increases efficiency (since users don’t have to wait for the help desk) and saves time and money and can have a direct impact on revenue, especially for customer-facing employees.

5. Artificial intelligence (AI) and machine learning (ML) will improve IAM

Staying current with access privileges is an ongoing problem as roles change and employees and contract workers come and go. To keep access privileges current, analytics and AI will provide contextual insight to help manage secure application access, monitoring access credentials based on current user needs.

AI can automate authentication for low-risk requests and help spot anomalies and potential threats using contextual analytics. Contextual machine learning also will be increasingly used for breach detection and prevention.

The number of data breaches continues to climb each year, so expectIT and security managers will continue to take steps to secure user identity by strengthening SSO, extending MFA, moving away from the principle of least privilege, adopting AI and ML, and implementing other changes to secure access, especially for remote workers.