In the UK, 57% of employees want to be able to work from home after the pandemic. Remote access requirements have forced organisations to fortify their security strategy to protect their internal and external data.
2021 saw some colossal data breaches and cyber-attacks, including LinkedIn, Facebook and Colonial Pipeline, the largest refined oil pipeline in the US. This signals the urgency for robust security in 2022 to defend organisations against ever-evolving threats.
What are we likely to see as upcoming developments in identity management for 2022?
- Identity-First Security Paving the Way
With the increase in cloud migrations and remote users, identity-first security is the leading strategy to protect organisations from attack. Legacy Identity and Access Management (IAM) tools are insufficient to protect against the risks of remote access. Single factor authentication, the inability to continuously monitor user activity, orphaned accounts, and other components of legacy tools leave a business vulnerable.
- Fully Featured IAM Vendor Product Suites
More vendors are consolidating IAM features - identity governance and administration (IGA), access management (AM) and privileged access management (PAM) - into a converged platform to enable businesses to manage their internal and external identities. Investing in a consolidated solution may increase efficiency, eliminate superfluous controls, and tighten security. Recent examples include One Identity acquiring OneLogin, and Okta who acquired Auth0. This kind of activity will continue further in 2022, offering comprehensive product suites for organisations looking to enable their identity-first security via a single vendor.
- Continued Emphasis on Compliance
People are becoming increasingly concerned over the privacy of their data, pushing businesses to drive identity-first initiatives that accelerate the path to regulatory compliance. BDSG in Germany and GDPR in the EU are data privacy regulations in place to protect personal data, with non-compliance fines of up to €20 million. To comply, it’s important to ensure that the minimum amount of necessary data is only accessed by the right people for the time they need. This comes back to the importance of an IAM strategy.
- IAM as a service (SaaS)
IAM delivered as a service is a rising trend to enable businesses to implement features such as single sign-on (SSO) and multi-factor authentication (MFA) through a third-party provider. This approach is starting to extend into identity governance as a service, and privileged access management as a service. Why SaaS?
- Save money – no big initial investment, no hardware, no maintenance team.
- Growth and business agility strategy – when a business undergoes change or growth, a SaaS solution can scale with it, or be replaced without huge costs.
- No IT issues – IAM-as-a-service solutions are hosted by a SaaS provider who tackle updates, installations, and maintenance.
- Remote access – a solution that’s available from anywhere, using any device, adaptable to hybrid working.
Wherever you are in your security journey, you can talk to one of the Intragen team for expert guidance. Send us a message, or see how your organisation scores on our IAM Quick Test.