Identity and Access Management (IAM) has evolved significantly over the past decade. It almost feels like we’re at an inflection point at the moment. There are a number of startups emerging in this space, which is a sign of a healthy pipeline of innovation in the industry. It’s also a time when there is a significant amount of M&A activity happening as well. New domains like CIEM (Cloud Infrastructure Entitlement Management) and ITDR (Identity Thread Detection and Response) are gaining traction. Passwordless, which was already becoming a boardroom topic, has now gotten a new impetus because of the mandates on phishing-resistant MFA on one side; and novel concepts like FIDO passkeys on the other. CIAM (Customer Identity & Access Management) has recently seen phenomenal growth of late. Still, interestingly, it has also rekindled interest in dynamic authorization (or externalized authorization) – something the industry has been discussing for well over a decade. Is this all coincidental? That was just a rhetorical question! But by all means, do share your point of view with us. Whether you see these changes as tectonic shifts or mere readjustments of the industry, these changes affect all of us.
Cloud-based Access Management Steps Up!
IAM is no longer just a means to be compliance- and audit-friendly. It is truly a pillar of change – a pillar of transformation. Funny enough, many a CIO would already have been preaching this pre-2020. But not many board members were willing to listen. The pandemic (yes, we’re still speaking about it!) forced organizations of all sizes to drastically accelerate their digital transformation projects. For inward-facing executives, it was a huge operational and security nightmare to suddenly shift to a remote form of working and adoption of cloud-based solutions to mitigate the imperfections of relying on company servers. It got the board’s attention because it was no longer a case of piecemeal operational efficiency improvement or compliance – it was a case of business continuity and survival. Cloud-based Access Management solutions stepped up to the challenge, allowing organizations to dramatically scale their ability to enable a truly remote workforce, especially for businesses that rely on knowledge workers. The balance of remote/hybrid work versus onsite work has tilted forever.
Dynamic shifts create permanent changes
Speaking of business continuity, the external-facing line of business leaders have met with an acceleration of challenges of brick-and-mortar business. Retail companies, for example, were forced to speed up their digital presence to avoid being totally disrupted. No-contact curbside pick-ups became a necessity. There was also a significant shift in workforce, with a lot more pronounced need of gig workers for delivery or for replacement of vulnerable staff. If B2C companies ever questioned the disruption that was abound, the dynamics of doing business during the pandemic totally changed that mindset. Retail companies, insurance companies, restaurants, and banks, to name a few, and even public sector organizations serving consumers or citizens were forced to adapt. The B2B landscape wasn’t that different either. In the same industries, organizations needed new ways of interacting and working with their extended enterprise – vendors, partners, agents, brokers, corporate customers, and so on. For most companies, this challenge of B2C, B2B, and gig-worker interactions was far more daunting than enabling a remote style of working for their employees. Here, there was a lot less control, and the demands were very different. Imagine, for example, how onboarding a new employee could still happen over a Zoom call. But what about onboarding and offboarding dozens or hundreds of temp workers on a weekly or daily basis? What about doing KYC (Know Your Customer) for a new bank or insurance customer without requiring them to come to a branch office, and that too, at scale? Or what about granting granular access to partners and suppliers to interact with custom-built applications, which was previously not foreseen? Organizations that were quick to react and understand the need for a CIAM solution to address these fundamental challenges of becoming a digital business were able to adapt quickly. Others, unfortunately, continue to suffer because even though the pandemic is now behind us, the rules of engagement have changed. The perception of customers, partners, suppliers and, gig workers, in terms of how they want to engage with your brand, have changed…forever!
So, be identity smart and be cyber smart!
Love the theme of this year’s Identity Management Day - #beidentitysmart and #becybersmart. We should not need a life-changing event like a pandemic to change our course. This day, and hopefully this post, is a reminder for businesses of all sizes across any industry – know that digital identities are absolutely fundamental to your future, both for your internal transformation needs and for transforming your way of doing business. Don’t wait for the next catastrophe to come and hit you hard. Be bold, or get ready to be disrupted. When it comes to thinking about digital identities, GO BIG or GO HOME!