Article posted: Dec 18, 2015
By Joakim Thorén, CEO
The 10th annual Gartner IAM Summit in Las Vegas focused heavily on the urgency in deploying identity and access management solutions. ZDNet's report on the Summit noted that Gartner called for innovation in the next identity and access management technology revolution, but the story glossed over one of the key issues: widespread deployment of two-factor authentication and IAM.
In his keynote speech, Gartner Research Director Felix Gaehtgens said "IAM should help lead the way to digital business. The goal is to mold a modified approach to identity and access management and install it as a fundamental part of enterprise architecture." He said the new attitude requires adding innovation into IAM that turns it into a skill that supports evolving enterprise processes backed by identity and access controls.
We concur with Mr. Gaehtgens' assessment that "The time is right to make a proactive and lasting change in how you approach IAM." But at Versasec, we also believe the change must come from companies being ready to deploy two-factor authentication and managing the digital identity of employees from first deployment to identity retirement. The issue is not so much in the innovation of IAM technologies but in more widely adopting IAM technology throughout organizations' global operations.
Many security breaches caused by insider threats or stolen equipment can be prevented by deploying IAM technology throughout an organization. As hacker threats become more sophisticated, password protection and even encryption must not be the only methods protecting sensitive corporate data.
A good example is the recent infiltration of government documents, which has left the US government renewing its efforts to increase security from domestic and foreign threats. The hack of the US Government's Office of Personnel Management compromised sensitive personal information -- including the Social Security numbers of nearly 22 million government workers. That well publicized breach led to the resignation of Director Katherine Archuleta.
As organizations are impacted by the introduction of IoT devices, prolific mobile usage and growing "shadow" IT, authentication and security must not be forgotten. Until organizations take it more seriously, private data, corporate assets and jobs will be compromised.