When someone says “identity and access management”, what’s the first thing that comes to mind?
Ten or twenty years ago, the answer might have been “password” – but today it’s as likely to be “passwordless,” along with a host of other capabilities and concepts. The answer that comes to you first will depend on the identity-related initiatives that are underway in your organization, such as remote work or moving to the cloud. These initiatives could require anything from multi-factor authentication (MFA) to identity governance to zero trust, to name just a few areas transforming identity and access management (IAM) today.
Whatever your answer is, passwords, passwordless, zero trust, or something else, your response would indicate your organization’s IAM priorities and where it is in its identity journey. Successfully managing identities and access requires: understanding both where in the journey you are now and where you’re headed next having an identity platform on which you can build and rebuild as your organization’s needs change (and your identity strategy evolves)
For example, in 2020, many organizations found themselves facing the challenge of standing up a fully remote workforce in a very short period of time. The top priority for these organizations was to secure access when people were suddenly required to work outside the network perimeter. One top-of-mind identity solution to address this priority is MFA, which enables organizations to both meet security requirements and provide convenient access to people in a variety of environments.
Fast-forward a year: the immediate IAM challenges for these organizations are evolving, and their IAM capabilities will need to keep pace. Today, many of those organizations may be evolving toward a hybrid workforce, with some people on-site and some still remote, or even to a permanent fully remote workforce. Their identity security strategies may need to evolve to include introducing more passwordless options for authentication, or even exploring a zero trust mindset to help ensure security across the organization, for environments both inside and outside the perimeter.
Remote work is just one example of a circumstance that can define (or redefine) where organizations are on their identity journey. Others include moving to the cloud and needing to determine how best to secure access there, or moving toward a more dynamic joiner-mover-leaver cycle that puts identity and lifecycle governance front and center.
There are as many scenarios as there are organizations on the IAM journey, and it’s not unusual to have several scenarios playing out at once. Regardless of the specifics, what all organizations share is the need for an identity platform that will serve them at every point along the way. That platform should enable them to address the widest range of identity challenges equally well, with a full spectrum of identity-related capabilities and solutions.
Once upon a time, RSA SecurID was best known for authentication, especially hardware tokens; today it’s the trusted identity platform for 13,000 organizations around the world, managing 50 million identities and providing secure, convenient access to 30 million users. RSA provides organizations with a range of authentication methods–including push notifications, biometrics, one-time password (OTP) and, yes, tokens–that work in iOS, Android and MS Windows environments. RSA also delivers identity governance and lifecycle capabilities to speed and simplify the work of administering access to resources, with configurable policies, rules and workflows and other tools to ensure the right people have access to the right tools at the right time.
Learn more about how identity and access management strategies and capabilities have evolved – and continue to evolve – to keep pace with changes in the concept of identity.
March 29, 2021 by Murtaza Hafizji