Dive Brief:
-
Two-thirds of IT executives say process issues are preventing them from moving identity and access management (IAM) systems to the cloud, according to a survey by Forrester commissioned by ForgeRock. The IAM systems struggle to move between cloud and on-premise services, a top process challenge.
-
Of the 313 global IT executives Forrester surveyed, 80% have already adopted, plan to adopt or plan to expand cloud-based IAM efforts in the next two years. But half of the execs lack key security practices and 88% say technology issues, such as limited functionality and scalability, are preventing IAM adoption in the cloud.
-
A hybrid cloud approach to IAM can provide better employee/customer experience and opportunities for innovation, according to the report. Realizing the benefits, however, requires organizations to overcome security, strategy and technology gaps.
Dive Insight:
IAM systems define user privileges to build security guardrails, and sourcing it in the cloud will provide companies with more access and visibility into who can access what.
Cloud-based IAM allows IT professionals to manage authorizations from the cloud environment, but sourcing security from a cloud model can be a challenging migration.
"Organizations are rapidly moving to cloud for cost savings, but they still have many business-critical applications running on-premises," the report said. Managing IAM infrastructure in the cloud and on-prem creates a "disjointed model disjointed model that can raise many security and user experience issues."
Almost all (98%) of IT executives report challenges with IAM sourced from the cloud, including a lack of visibility into IAM systems for a complete security picture and increasing complexity caused by the migration.
Visibility across the entire IT ecosystem underpins security efforts in the cloud and on-premise. Jim Brennan, chief product officer at BetterCloud, recommended introducing automation to gain visibility across the IT stack in an interview with CIO Dive earlier this month.
Automating workflows to manage configuration settings or applying automation to offboard user accounts can be applied to the IAM process for additional security guardrails.
Introducing new policies, processes and procedures to the tech stack also brings new layers of complexity for IT departments and other employees to manage. In an environment full of disparate applications, authorizing and authenticating each user can be a daunting task.
To account for some complexity and moving parts in the IAM ecosystem, Target reinforced its identity management efforts with a zero-trust philosophy, CIO Dive reported in 2019. The zero-trust approach accounts for job termination, shared accounts, onboarding and inactive use concerns.
IAM efforts remain a popular approach to cybersecurity. Seventy percent of global business executives are planning to increase spending on IAM over the next year, according to a Ping Identity study.