A major trend during the course of the last year or so has been the surge in the use of identity and access management (IAM) solutions being deployed within organisations across multiple sectors as they recognize that such an approach to managing access to information is crucial for their company’s success. In a nutshell, IAM solutions are extremely useful in cutting costs and helping make many otherwise manual processes more efficient, if not automated. We’ll continue to see this approach in the months to come as the market not yet matured. It continues to grow under the influence of a number of important developments, which will benefit organisations of all size. The following details a few of these developments.
Efficient log in procedures
Organisations face issues in allowing their employees the ability to work efficiently, something that can be hindered easily by lack of access to information and systems. Because of this simple to manage issue, there has been a focus on the log-in process and how it can be made more efficient for all users. Many organisations also have tried to improve the process by offering staff a portal where the direct links to the various URLs for their web applications are clustered. Employees then only need to remember one URL, which is that of the organisation’s portal to get to all of the applications they need. The problem with this approach is that employees still need to remember a number of usernames and passwords to access organisational information.
To resolve this, one solution is WebSSO. With web single sign-on (SSO) end users only have to authenticate themselves once by entering their username and password from the Active Directory. WebSSO then takes over the log-in processes and automatically logs in the user into all applications, including web apps, once they are launched. This frees the user from having to enter log in details again when wanting to open an additional application. This process is not only more user-friendly, but also more secure since it reduces the need for end users to write down their credentials to remember them.
Another log-in issue that is of concern is users constantly re-authenticating themselves if they frequently move around or change computers. Virtual desktops have become extremely useful in many different industries for these types of employees. They allow for many users to log in and work from a single desktop interface. This is quite common in hospital settings, where doctors are moving from room to room and need to work from different computers in different locations.
Virtual desktops can also cause many issues since frequent movement to different desktops requires the user to repeatedly log into each system and application needed. This is why many organisations have realized that the benefits of a virtual desktop can be made even better if used in conjunction with a single sign-on solution. This allows them to easily log in to each desktop with a single user name and password.
Advanced authentication methods
Security is another topic that everyone, across all industries, that IT leaders are keenly aware. While it is important that the log-in process for end users is simple, it also needs to be secure. This has led us to look toward more ways to keep our information from being stolen and increase the security of our organisation’s systems and applications. Biometrics, the use of the human body or traits to verify who they are, has proven to be one of the newest, most secure ways in which to authenticate and identify oneself. Such methods use human voice, retina scanning, facial recognition and fingerprint to authenticate a user. Some computers are even able to read the user’s signature and match it to their original signature in the system to verify the user.
Of course using one method of authentication is always less secure and can be hacked more readily. This is why in the near future, we will also see a dramatic shift away the current norm of typing in a user name and password to a more secure technology consisting of a second factor of authentication or even multiple-factor authentication. This increases security by requiring the user to present something they know, such as a password or PIN, something they have, such as a smart card or mobile device, and possibly something they are, such as a biometric characteristic.
Access Governance
Another major concern of organisations is the increasingly strict legislation and regulations. These rules are constantly changing and are time consuming to ensure compliance. Manually charting the rights granted within an organisation is a highly complicated, time-consuming and extensive process. In many instances continually managing the rights structure is simply not feasible.
With identity and access governance (IAG), organisations can easily ensure that employees only have access to the network resources they need to be able to perform their duties, without needing to go through the time consuming audit process. In the past, access governance was largely the domain of financial institutions and major international concerns. As a result of a variety of developments, IAG has become more accessible to care institutions, medium-sized companies and other commercial organisations.
Overall, the IAM market continues to grow and evolve to meet the needs of organisations and the changes which they are making within their company. This will continue to be the case throughout 2015.