2012 has been quite a year for identity and access management for our clients and for the IT and business world in general. The amount of interest and inquiry has grown to unbelievable rates. Our research has been read, discussed, questioned and challenged. Our IAM Summit in Las Vegas had its strongest attendance since the summit’s inception. IAM vendors and service providers have been working with Gartner in record numbers to discuss their product and service roadmaps and futures. New ones have appeared almost monthly. While not necessarily a record year in mergers and acquisitions by IAM solution providers, it was robust. Actions by clients and providers alike point to an inflection point in IAM for 2013– in the way it is planned, produced, purchased and put into production.
Clients using IAM are growing more mature in IAM usage, demanding more of solution providers, and innovating as a result of the changing dynamics in business. Clients selecting IAM tools for the first time are asking harder and more penetrating questions regarding capabilities, pricing, and the nature of relationships with providers. The broader impacts of IT changes in mobile, cloud, social media and information (i.e. the Gartner Nexus of Forces) are being felt as IAM customers struggle to keep up with challenges and choices.
All of that sounds impressive, but what does it really mean for clients in 2013? What does it say about the future of IAM as a practice, a process, or a market?
IAM as a practice has finally gained a degree of credibility within maturing enterprises. Clients recognize the value of knowing who has access to what, who gave it to them, and what they’ve done with it. They leverage such knowledge not only for regulatory compliance purposes, but to enable business decision-makers to “index” decisions with a “who view”– to provide an identity context to decisions involving enterprise resources, supply chains, customer relationships and human resources. IAM as a process is now defined– there is more formalism and structure around employee, customer and partner onboarding, change management and offboarding of identities. There is better sharing of information between IAM systems and security systems that can also use that identity context in delivering their own answers to IT and the business alike, from data loss prevention to security information and event management, from network access control to governance, risk and compliance management. IAM as a market continues to grow at a formidable pace, addressing the increase in the means of delivery (via cloud and social media) as well as in access points (via mobile). Information is the delivery mechanism for identity context, but is also useful in providing a degree of granularity to the IAM experience, whether in authentication, authorization, provisioning or other capabilities.
2013 is going to be an exciting year for IAM and for clients that use it. Validation of all of those painful, pricey efforts to implement a robust identity data and log model will begin to bear fruit. IAM as a service (IDaaS) in the market will continue to grow in market presence, finding its place in realistic implementations that leverage the uniqueness of that delivery and challenge the status quo of enterprise solutions. The rise in mobile needs for IAM as well as the enabling of IAM options via mobile ensures a rich growth opportunity for innovation. Social media requirements as well as its contributions to IAM ensure a unique opportunity to redefine identity itself to be more encompassing than just for the enterprise. The quantity, quality and velocity of information from 2013 IAM systems will be dramatic, and clients will need to be careful that they don’t drown in a sea of IAM information by leveraging new skills sets and new analytics tools to ensure information becomes knowledge.
Happy New Year! And buckle your seatbelts. It’s going to be quite a ride.
Category: IAM Tags: