The past six months have seen an upsurge in interest in Identity and Access Management (I&AM), but the rush to put secure access controls in place for remote workers has merely accelerated the adoption of an area of technology that was already taking centre stage.
Cloud, decentralised organisational structure, rising cyber crime, distributed enterprise architectures, complex partner networks and supply chains, and above all regulations such as GDPR all place pressure on organisations to enact tighter controls on who can access what and when, together with stricter authentication procedures.
But it's probably fair to say that most organisations remain considerably behind the curve when it comes to implementing measures such as multi-factor authentication and identity governance.
According to just-completed research by Computing Delta, the number one reason for this is a lack of user acceptance. The holy grail of I&AM is to actually improve the user experience by automating the authentication and access control processes and allowing single-sign-on (SSO) for whole suites of services, but the more controls like captchas, enforcing complex passwords and sending one-time codes via SMS or an authenticator app are an irritant.
Which of these are the most challenging areas in the daily use of I&AM solutions?
Base 176 UK IT leaders. Respondents could select up to three options.
User acceptance was the biggest challenge facing IT leaders questioned during our research. The risk is that if protections add friction, employees will find workarounds while will almost certainly be even less secure.
Monitoring the solutions could also present an operational headache, as could integrating I&AM into new services. The task of making I&AM seem more of a choice than an imposition by introducing elements of self-service was fourth on the list.
In terms of actually rolling out I&AM solutions, integration was by far the biggest headache. APIs make this easier for modern systems but may not be of much help with legacy applications. Configuration woes were another frequently raised complaint. Watch out for hidden costs too.
During this event we'll be revealing the full results of our latest research into I&AM solutions. We'll be hearing from a senior IT leader about their I&AM rollout, and discussing the likely future direction of I&AM innovations. There will be practical tips on how to set up seamless I&AM solutions across your business, implementing (SSO) and multi-factor authentication, and more.
Post Quantum's Classic McEliece algorithm is the only remaining contender in the code-based category of algorithms designed to protect communications from attacks using quantum computers
Cloud-based threat intelligence is the only way to keep ahead of the bad guys, says Check Point's Eddie Doyle