Identity and access management tops IT agenda for 2010

Consider outsourcing it, suggests analyst

Identity and access management is a priority this year for nearly two thirds of UK companies

Identity and access management (IAM) is high on the to-do list this year for nearly two thirds of companies in the UK, France and Germany, according to a recent poll of IT security decision-makers by Forrester Research.

Nearly 60 per cent cited improved security as the primary driver for adopting IAM, with the remaining two fifths roughly evenly split between improved service delivery, regulatory compliance, cost reductions, and governance.

However, organisations feel that current implementation of even the most popular IAM technologies is distinctly underwhelming.

Single sign-on enjoys the highest level of adoption and interest among respondents. Sixty-five per cent say they either already have enterprise single sign-on (SSO) in place or have plans to implement it, compared with 60 per cent for web SSO.

At 29 per cent, privileged user management is, by a thin margin, the most widely adopted IAM technology at European enterprises. Provisioning has lower current adoption, at 21 per cent, but a further 30 per cent have plans to implement it over the next few years.

Only a fifth of organisations have adopted multi-factor authentication, with another quarter planning implementation.

Currently less than 10 per cent of respondents outsource IAM, but Forrester is talking up this route as a solution to European firms' adoption woes.

"Security and risk professionals struggling to implement IAM should take measures to understand the nascent hosted IAM marketplace, because in a few years' time IAM services will be viable alternatives to traditional products," said Andras Cser, Forrester security analyst and co-author of the report, Identity and access management adoption in Europe.