Five Identity and Access Management Predictions for 2020 and Beyond
.jpg)
By Paul Butler on December 11, 2019
As we reach the final few weeks of 2019, many of you will be thinking of the projects which you will be planning or embarking on in 2020. Maybe you will be looking to the cloud for greater scalability; it might be that you plan to replace ageing systems or hardware with something more modern. In either case – and those outside of my two examples – the challenge is to keep up with the fast-pace of change and implement solutions and controls which are in keeping with the wider trends.
I myself have been thinking about how this relates to the industry I work in – identity and access management.
I have spent much of my time, over the past twelve-months, speaking with our customers, business partners and our own experts behind the scenes; learning from their challenges, experiences. Crucially, I get an insight into not just what is up-and-coming, but what will actually take-off.
And so, for 2020, here are my predictions for the identity and access management market.
#1 – Convergence of Security and Networking Teams
Even today in 2019, the line between the SOC (Security Operations Centre) and the NOCs (Network Operation Centre) is already becoming blurry.
For the large part, the role of the two are intertwined and will continue on this path throughout 2020. Very few network roles and jobs are absent of consideration for security, particularly when it comes to communication between the outside world and the internal network.
Similarly, security is no longer the “post-review” department, used to seek sign-off, which it once was. Modern development methodologies and even regulations such as the GDPR require security input at the design stage – meaning security teams are having to become more technology aware.
As an IT security vendor, this means that we must continue to cater to the high expectations of both or a converged version of those two teams.
#2 – Automated Provisioning from a Single Source of Truth
Admittedly, this is not a new concept. For as long as computer domains have existed, IT administrators have used solutions such as Microsoft Active Directory as a single source of truth for much of the services they provide in their networks.
However, the cloud and services which are hosted online have challenged Active Directories flexibility in the modern age, which has led to a fracturing of authentication sources dependent on where the authenticating service is, its capabilities and security.
Federated identity solutions have attempted to tie this all back together, but their complexity meant that the up-take is reserved to the largest of organisations with the most skilled teams.
In 2020, this desire to want to return back to a single source of truth will gain momentum as smaller organisations will want to streamline the way their users work, and want to avoid the security pitfalls of fragmented user repositories.
A great example of how this works in practice comes from our very own Idaptive solution. Our solution can utilise Active Directory, federated identity systems, alternative sources of identity such as a HR system, plus automatically provision and license users in well-known solutions such as Office 365.
#3 – The Death of Hardware 2FA Tokens
We have been building up to this moment for some time. But I do believe 2020 will be the harbinger of the decline for hardware 2FA tokens.
Today, you would be hard-pressed to find anyone other than a commercial bank using these small plastic devices used to generate a 2FA passcode for authentication.
Why?
They are costly, require additional management and users tend to treat them with little ownership. Meaning that they are lost or damaged at the cost of the service provider.
Software-based tokens have existed for some time. Starting with the 2FA passcode delivered by SMS and now commonly using a smartphone app. But things have continued to move on since then.
Today, the emergence of push-notifications mean that users no longer have to copy a code from one screen to another. Instead they are presented with a yes or no prompt on their smartphones, to prove it is they who is attempting to authenticate somewhere. The security of passing a passcode is handled in the background and can be called on in very specific circumstances. Such anomalous behaviour or an unusual source location.
When you consider how far software tokens have come and how sophisticated the security is becoming – hardware tokens seem as old as the dinosaurs.
#4 – A stronger Focus on Single Sign-On Technologies
From a user perspective, predictions two and three signal a greater focus on user experience and the simplification of authentication. My fourth prediction continues this theme with my belief that single sign-on will gain more prominence in 2020.
While a single source of truth will dominate the provisioning and de-provisioning of accounts, single sign-on services will become the dominate form of authenticating those accounts, whether that be in be many services authenticating against a single sign-on source or a single pane of glass for authentication.
The reason for this can be attributed to a few reasons:
- More control over the user account in question.
- Weak passwords less likely to be used.
- Less support calls due to forgotten passwords.
- A common branding and authentication experience.
# 5 – Real-Time Anomaly Alerting and Response
Discussions about AI (Artificial Intelligence) and ML (Machine Learning) and their useful application have been going on for some years. Where I think there is great scope is in the use of automated anomaly detection, something which the network vendors of this world have been working with towards with much success.
With regard to identity and access management, we as an industry typically build a wall or a set of policies and only react to unauthorised access post-event.
There is, however, growing interest in the area of being able to detect anomalies such as unusual keystrokes, new source locations, and even the date or time, and then reacting by either alerting, blocking the attempt, or dropping additional controls or authentication stages in place.
Some of these actions could seem counteractive to the aim of making the authentication process simpler and smoother for users. However, such actions would be tuned to take place only in extreme circumstances.
Where actions are not taken directly, SOCs and even converged SOC/NOC teams could be alerted in real-time that anomalous behaviour is being detected, through traditional alerts such as email; or by interacting with SOAR (System Orchestration, Automation and Response). Which could, in turn, trigger a chain of pre-defined steps for response.
Ultimately, what customers are looking for today is better integration between solutions to reduce their response times. What do you think 2020 holds for identity and access management?
source securityboulevard
Industry: Cyber Security
Latest Jobs
-
- Identity Channel Partner Manager | London
- London
- N/A
-
Identity Channel Partner Manager | London Location: South East UK (commutable to London) We are working with a Cyber Security business who are looking for a Channel Partner Manager to drive and grow relationships across their identity ecosystem. Prior experience working within VARs, distributors, vendors or resellers in the identity space is essential. You must have experience working with technologies such as CyberArk, Sailpoint, Okta etc Responsibilities will include, but not be limited to: Build, maintain and develop strong relationships with channel partners. Work closely with partner sales teams to support growth drive sales opportunities. Identify and onboard new partners while strengthening existing partnerships. Act as the key point of contact for all channel-related activity. If you are an experienced channel professional, with experience in the Identity space and are ready for your next challenge, apply today.
-
- Service Architect- DACH regions
- Germany
- Upto €110,000 plus bonus and benefits
-
Lead Service Architect with the authority and experience to take control of complex, multi-million-euro outsourcing bids. This role is about leading the Service/ solutioning effort, bringing structure to chaos, and driving the entire bid team to deliver winning proposals. The company area a global managed services business working with enterprise and public sector clients, across Cloud, End-User Computing, Digital Workplace, Service Desk, and Network Infrastructure. What You’ll Do: Lead Service/ solution design from qualification to contract. Control bid teams — architects, pricing, delivery, and SMEs. Break down RFPs/RFIs into actionable, costed, client-ready solutions. Present internally and to clients at decision-maker level. Run solution workshops, own the architecture, and shape the financial model. You’ll Need: Experience working as a Service architect, Service Manager or Customer Success Manager R Gravitas to lead and drive teams through high-stakes bids. Deep knowledge of managed services delivery and commercial models. Strong technical grasp: Cloud, Security, EUC, Unified Comms, Service Desk, and more. Experience leading deals across onshore, offshore, and hybrid delivery models.
-
- Deal Architect- DACH region
- Germany
- Upto €110,000 plus bonus and benefits
-
Lead Deal Architect with the authority and experience to take control of complex, multi-million-euro outsourcing bids. This role is about leading the solutioning/ Service effort, bringing structure to chaos, and driving the entire bid team to deliver winning proposals. The company is a global managed services business providing solutions to enterprise and public sector clients, across Cloud, End-User Computing, Digital Workplace, Service Desk, and Network Infrastructure. What You’ll Do: Lead the deal from qualification to contract. Control bid teams — architects, pricing, delivery, and SMEs. Break down RFPs/RFIs into actionable, costed, client-ready solutions. Present internally and to clients at decision-maker level. Run solution workshops, own the architecture, and shape the financial model. Be responsible for the service Wrap and ensuring the Service meets clients requirements You’ll Need: A back ground with IT Services Experience in a similar type of role, for example: Deal, Service, or Solution Architect in ICT outsourcing. Gravitas to lead and drive teams through high-stakes bids. Deep knowledge of managed services delivery and commercial models. Strong technical knowledge: Cloud, Security, EUC, Unified Comms, Service Desk, and more. Experience leading deals across onshore, offshore, and hybrid delivery models.
-
- Pre Sales Lead- IT Services
- Germany
- Upto €100,000 plus benefits
-
As the Pre-Sales Lead (Sales Engineer/ Solution Architect) you will drive large-scale ICT managed services and outsourcing deals (from €0.5M to €20M+). You'll work directly with Business Development and clients to design high-impact solutions across Cloud (Azure, IaaS, SaaS, PaaS), EUC, Unified Comms, Security (SIEM, PAM), Networks, and Smart Workplaces. What You’ll Do: Lead the end-to-end pre-sales cycle — from RFI/RFP to contract. Design innovative, client-specific solutions with technical & commercial impact. Present at CxO level and steer proposal strategies & financial models. Collaborate closely with Portfolio, Service Desk, Field, and Digital Workplace teams. Support deal shaping with strong knowledge of ITIL, SIAM, Automation, and cost analysis. What You’ll Bring: Have strong experience in pre-sales or solution architecture. Experience with €M+ managed service deals. Deep technical expertise in modern ICT stack and enterprise IT services. Strong German (C1) and English communication skills. Certifications: ITIL v3/v4 required; SIAM, ISO20000 desirable.