Five Identity and Access Management Predictions for 2020 and Beyond
.jpg)
By Paul Butler on December 11, 2019
As we reach the final few weeks of 2019, many of you will be thinking of the projects which you will be planning or embarking on in 2020. Maybe you will be looking to the cloud for greater scalability; it might be that you plan to replace ageing systems or hardware with something more modern. In either case – and those outside of my two examples – the challenge is to keep up with the fast-pace of change and implement solutions and controls which are in keeping with the wider trends.
I myself have been thinking about how this relates to the industry I work in – identity and access management.
I have spent much of my time, over the past twelve-months, speaking with our customers, business partners and our own experts behind the scenes; learning from their challenges, experiences. Crucially, I get an insight into not just what is up-and-coming, but what will actually take-off.
And so, for 2020, here are my predictions for the identity and access management market.
#1 – Convergence of Security and Networking Teams
Even today in 2019, the line between the SOC (Security Operations Centre) and the NOCs (Network Operation Centre) is already becoming blurry.
For the large part, the role of the two are intertwined and will continue on this path throughout 2020. Very few network roles and jobs are absent of consideration for security, particularly when it comes to communication between the outside world and the internal network.
Similarly, security is no longer the “post-review” department, used to seek sign-off, which it once was. Modern development methodologies and even regulations such as the GDPR require security input at the design stage – meaning security teams are having to become more technology aware.
As an IT security vendor, this means that we must continue to cater to the high expectations of both or a converged version of those two teams.
#2 – Automated Provisioning from a Single Source of Truth
Admittedly, this is not a new concept. For as long as computer domains have existed, IT administrators have used solutions such as Microsoft Active Directory as a single source of truth for much of the services they provide in their networks.
However, the cloud and services which are hosted online have challenged Active Directories flexibility in the modern age, which has led to a fracturing of authentication sources dependent on where the authenticating service is, its capabilities and security.
Federated identity solutions have attempted to tie this all back together, but their complexity meant that the up-take is reserved to the largest of organisations with the most skilled teams.
In 2020, this desire to want to return back to a single source of truth will gain momentum as smaller organisations will want to streamline the way their users work, and want to avoid the security pitfalls of fragmented user repositories.
A great example of how this works in practice comes from our very own Idaptive solution. Our solution can utilise Active Directory, federated identity systems, alternative sources of identity such as a HR system, plus automatically provision and license users in well-known solutions such as Office 365.
#3 – The Death of Hardware 2FA Tokens
We have been building up to this moment for some time. But I do believe 2020 will be the harbinger of the decline for hardware 2FA tokens.
Today, you would be hard-pressed to find anyone other than a commercial bank using these small plastic devices used to generate a 2FA passcode for authentication.
Why?
They are costly, require additional management and users tend to treat them with little ownership. Meaning that they are lost or damaged at the cost of the service provider.
Software-based tokens have existed for some time. Starting with the 2FA passcode delivered by SMS and now commonly using a smartphone app. But things have continued to move on since then.
Today, the emergence of push-notifications mean that users no longer have to copy a code from one screen to another. Instead they are presented with a yes or no prompt on their smartphones, to prove it is they who is attempting to authenticate somewhere. The security of passing a passcode is handled in the background and can be called on in very specific circumstances. Such anomalous behaviour or an unusual source location.
When you consider how far software tokens have come and how sophisticated the security is becoming – hardware tokens seem as old as the dinosaurs.
#4 – A stronger Focus on Single Sign-On Technologies
From a user perspective, predictions two and three signal a greater focus on user experience and the simplification of authentication. My fourth prediction continues this theme with my belief that single sign-on will gain more prominence in 2020.
While a single source of truth will dominate the provisioning and de-provisioning of accounts, single sign-on services will become the dominate form of authenticating those accounts, whether that be in be many services authenticating against a single sign-on source or a single pane of glass for authentication.
The reason for this can be attributed to a few reasons:
- More control over the user account in question.
- Weak passwords less likely to be used.
- Less support calls due to forgotten passwords.
- A common branding and authentication experience.
# 5 – Real-Time Anomaly Alerting and Response
Discussions about AI (Artificial Intelligence) and ML (Machine Learning) and their useful application have been going on for some years. Where I think there is great scope is in the use of automated anomaly detection, something which the network vendors of this world have been working with towards with much success.
With regard to identity and access management, we as an industry typically build a wall or a set of policies and only react to unauthorised access post-event.
There is, however, growing interest in the area of being able to detect anomalies such as unusual keystrokes, new source locations, and even the date or time, and then reacting by either alerting, blocking the attempt, or dropping additional controls or authentication stages in place.
Some of these actions could seem counteractive to the aim of making the authentication process simpler and smoother for users. However, such actions would be tuned to take place only in extreme circumstances.
Where actions are not taken directly, SOCs and even converged SOC/NOC teams could be alerted in real-time that anomalous behaviour is being detected, through traditional alerts such as email; or by interacting with SOAR (System Orchestration, Automation and Response). Which could, in turn, trigger a chain of pre-defined steps for response.
Ultimately, what customers are looking for today is better integration between solutions to reduce their response times. What do you think 2020 holds for identity and access management?
source securityboulevard
Industry: Cyber Security
Latest Jobs
-
- Senior Client Microsoft Security Delivery Consultant - Hybrid (London | Remote)
- London
- N/A
-
Senior Client Microsoft Security Delivery Consultant - Hybrid (London | Remote) We are seeking an experienced technical Security Consultant to help clients deploy and enhance their cyber defences across Microsoft and vulnerability management technologies. You will work with enterprise customers to deliver tailored solutions across threat detection, endpoint protection and exposure management, ensuring security platforms are efficient, integrated and aligned with operational goals. Whilst you won't do the design yourself- you will work alongside technical Presales to document, agree and then deliver the solution. You will have experience leading delivery the implementation and improvement projects, providing hands-on support with configuration, integration and optimisation. You will assess existing environments, recommend enhancements and guide clients on best practice to strengthen visibility and control. Strong experience with SIEM, XDR and vulnerability tooling (Microsoft & Tenable ecosystems ideal) Understanding of Azure security, identity and access controls Background in consulting or project-based cyber delivery Clear communication skills with the ability to engage senior stakeholders Extra points if you have the SC-100. You must be eligible to achieve UK Security Clearance to be considered for this role.
-
- Account Director | Cyber Security Consulting | UK - South East
- London
- N/A
-
Account Director | Cyber Security Consulting - Financial Services | UK - South East. New Role due to Growth We are looking for an experienced Account Director to develop and expand existing relationships across the financial services sector, working with investment firms, asset managers, private equity groups and strategic partners to deliver intelligent cyber consulting and a bespoke Cyber product offerings. You will act as a trusted advisor, helping organisations strengthen digital resilience, manage third-party and regulatory risk and adopt a proactive approach to cyber assurance. Key Responsibilities Manage a defined portfolio of financial clients, understanding business priorities and aligning tailored cyber solutions. Drive new client engagement while nurturing existing partnerships through a consultative, long-term approach. Present the benefits of advanced cyber services including threat intelligence, vulnerability management, incident readiness, and continuous risk monitoring. Collaborate with technical and delivery teams to ensure smooth engagement from proposal through to implementation and ongoing support. Prepare proposals, negotiate commercial terms, and clearly articulate value and business outcomes. Build trusted relationships at senior and board level. Ideal Profile Strong background in cybersecurity, consulting, or risk management within financial services. Skilled communicator with proven success managing and growing key accounts. Able to translate complex technical insight into commercial and strategic value for clients. Confident engaging with senior stakeholders and decision makers. Please note: Sponsorship is not available.
-
- SOC Analyst- Level 2- Hybrid Greater London
- London
- N/A
-
SOC Analyst- Level 2- Hybrid Greater London New opportunity created through continued growth. We’re looking for a SOC Analyst (Level 2) to strengthen a growing managed security team. You’ll work hands-on with Microsoft Sentinel and Defender XDR, investigating alerts, responding to incidents, and helping improve how clients stay protected. This role is ideal for someone who enjoys unravelling security events, thinking critically under pressure, and making a real difference day to day. What you’ll do · Investigate and respond to security activity across SIEM and endpoint tools · Analyse network and log data to uncover real threats · Support automation initiatives to streamline response processes · Help maintain visibility, data flow, and performance across SOC platforms What you’ll need · Practical experience using Microsoft Sentinel and Defender XDR · Confident working with KQL or similar query languages · Understanding of attacker tactics and response techniques · SC-200 certifications would be nice. · Experience supporting multiple customer environments Please note: Sponsorship is not available.
-
- Senior SOC Engineer - UK - New role due to growth
- London
- N/A
-
Senior SOC Engineer – New role due to growth We are hiring a Senior SOC Engineer to take the lead across security operations for a growing managed service. You will lead detection, response and onboarding activity across multiple clients, helping shape how the SOC evolves. Expect variety; from fine-tuning alerts and threat hunting to supporting customers and mentoring junior analysts. What you’ll bring · Strong experience across SIEM, EDR, and threat detection tools · Confident working with customers in a managed service environment · Skilled in scripting or query languages such as KQL or PowerShell · Knowledge of frameworks like NIST, ISO27001, MITRE ATT&CK · Calm communicator with a problem-solving mindset · Experience with Azure Lighthouse or delegated access models · Prior involvement in automation or SOC improvement projects Location: South East England- Hybrid role Please note: Sponsorship cannot be offered now or in the future.