Identity and access management (I&AM) is critical to modern business, used to block unauthorised access to critical systems. It has become even more important this year, with the transition to remote working in practically every industry.
According to new research for Computing Delta, conducted with more than 170 UK IT leaders, I&AM is now more important, more widespread and more reliant on the cloud than it was in January this year.
The coronavirus pandemic has dramatically changed how companies value I&AM. Businesses have had to re-evaluate their existing deployments in the face of rising remote working; what is suitable for a single-perimeter office might not be appropriate when everyone is working from home.
With staff more dispersed, and using a variety of devices and apps that IT sometimes struggle to see - let alone control - ensuring security is vital. Identity and access management software is a key part of this, ensuring that people are who they say they are, and they're authorised to use the systems they're trying to access.
Nearly two-thirds of our respondents agreed that I&AM had become more important over the last six months, and over a third were using their existing tools in new ways. A similar proportion said they were using their I&AM in the cloud more than previously.
Like other business tools, more firms are looking to the cloud as a deployment environment for I&AM, and it is starting to overtake on-premises systems: 28 per cent of respondents used cloud as a deployment environment, versus 27 per cent using on-prem. In our survey last year, on-prem deployments were second only to hybrid systems: 32 and 36 per cent, respectively, with cloud at 20 per cent.
Hybrid cloud remains the most popular type of deployment in 2020, which probably speaks to the nature of security. As one IT leader said:
"You end up doing both, because if you have resources in the cloud you need to have identity management in the cloud. You can't manage your cloud resources without a cloud-based identity management system or capability, and equally your on-prem resources will need on-prem."
We went on to ask about I&AM plans over the next 12 months. Again, the rising importance of identity and access management led the responses.
More respondents had plans to move to the cloud (42 per cent) than had already done so in the last six months (36 per cent). That's no surprise, as companies have had time to reflect and build a plan of action going forwards. It appears that for many, remote working is here to stay and they have realised the need to defend their newly dispersed IT estate.
Cloud vendors strike big
As cloud grows, it benefits the vendors you might expect: Microsoft, AWS and Google; as one respondent put it, "If you use their cloud product, you need their identity management product." But the biggest winner this year has been Okta.
From sixth place in the ‘in production' metric last year, Okta's cloud-first and vendor-agnostic approach has accelerated it to second place this year. It has doubled its market share, and also climbed in the awareness and trialling metrics.
However, because Microsoft's Active Directory dominates the I&AM market so heavily - mostly due to its default inclusion in most of Microsoft's enterprise tools - Okta's share still only stands at eight per cent, versus first-place Microsoft's 69 per cent.
AWS, RSA and Google all performed reasonably well at the trialling stage (16, 14 and 11 per cent of respondents had tested their products, respectively), but like Okta could not compete with Active Directory, and only reached single-digit production figures.
To summarise: the coronavirus pandemic has affected the market for identity and access management solutions as much as it has for any business tool. Demand has spiked thanks to the surge in remote working, and vendors with a cloud-first approach like Microsoft, AWS and Okta are seeing big benefits.
We originally presented this research during Deskflix: Identity & Access Management; you can watch the presentation, as well as other sessions, on catch-up now.
David S. Wall, Centre for Criminal Justice Studies, University of Leeds outlines recent trends in cyber attacks across the public sector, and higher education specifically
Neustar SVP Rodney Joffe is shortlisted for Security Specialist of the Year in the Digital Technology Leaders Awards
Updates are KB4558130 for Windows 10 version 2004 and Windows Server version 2004, and KB4497165 for Windows 10 version 1903 and 1909
Egor Igorevich Kriuchkov had allegedly offered to pay $1m to a Tesla employee for installing malware on the company's network