Identity and access management (IAM) is one of the most complex and difficult tasks that network administrators face, and it’s about to get worse. The rise of cloud computing shows no signs of slowing down, and is about to pass a threshold where computing power, rather than the efficacy of managerial systems, will be the limiting factor on security.
Here at InfoQ, we’ve recently written about some novel ways in which cybersecurity analysts are adapting to this problem. Some are using blockchain for identity management. Others are looking to market leaders on the scale of Netflix, hoping that the systems they have put in place provide a clear path forward.
In this article, we’ll take a more direct approach: we’ll look at why IAM is becoming such a huge challenge, explain why identity is the new currency, and then reveal some principles that can help you meet this challenge.
In order to understand why IAM has become such a headache for network admins, it’s worth reminding ourselves of what IAM consists of in the first place. At a basic level, IAM is a simple enough concept. Any IAM system is concerned with defining and managing the roles and access privileges of users on a network, whether these users be employees, customers, or vendors. The core idea of IAM systems is that each user should be assigned a unique identity, and the associated level of access should then be managed throughout the user’s “lifecycle.”
This simple description, however, hides some of the complexities of contemporary IAM systems. In reality, companies have adopted a wide range of IAM approaches, and the way in which identities are managed varies considerably between them. In addition, the sheer number of systems in use at the average organization means that authentication technologies and processes struggle to keep up.
There are two major reasons why IAM is more difficult today than it has been before. One is the sheer scale of cloud deployments; the other is the increased frequency of identity-based cyberattacks.
Let’s take the problem of scale first. According to recent research, enterprises in 2017 expected to use an average of 17 cloud applications to support their IT, operations, and business strategies. So it’s no surprise that 61 percent of respondents believe IAM is more difficult today than it was even those two short years ago. With so many different systems in play at any one time, IAM is no longer just about having a rigorous tracking and authentication system in place. In many organizations, the computing cost of authentication and encryption now forms the primary bottleneck on network performance.