CA Technologies announced five key trends for security and identity and access management (IAM) that will impact organizations and security professionals in 2015.
Identity-aware organizations will adopt an identity dial tone
The application economy and use of mobile apps is driving a need for a centralized, common way to access identity and entitlement information. Identity-aware organizations need to establish an “identity dial tone” to act as one source of identity truth to simplify app development, deployment and adoption and spur new innovation. It will encompass all apps, across all channels and be easily available using identity APIs.
Universal authentication comes to your pocket or bag
Mobile phone or device will be used as a universal authenticator. Focus on authentication, driven by factors such as President Obama’s executive order (for multi-factor authentication), chip and PIN / signature technology, biometrics and new payment models will drive the demand for simpler and streamlined authentication. Organizations will strive for zero-touch authentication to deliver as frictionless and password-free an experience for their customers and employees as possible, and the mobile device will be a key element.
A shift from identity management to identity access security
A change in emphasis within the identity market will occur, based primarily on the impacts of last year’s breaches. The emphasis will shift from basic identity administration to identity security. The majority of 2014 headline breaches hinged on compromised insider identities that opened organizations to data theft and application abuse. Protecting organizations against rogue or compromised insider identities will require new kinds of identity and access security that is intelligent, contextual and verifiable.
Mobility and the Internet of Things will drive the emergence of API-first architectures
The rise of mobile apps and the Internet of Things will drive a move towards lighter-weight, API-first architectures in order to more easily connect into the digital ecosystem. These architectures will be better able to support the large array of user types that need to access apps and data on-premise or in the cloud and across a range of device types. An API-first architecture is what will provide the agility and flexibility that success in the app economy requires.
Boards of directors will have increased visibility and involvement into the corporate security strategy
Corporate executives and boards will be held accountable for breaches that damage their corporate brand. This will increase their level of involvement in security strategy and governance. Security will shift from an “IT problem” to an “executive problem.” Concerns over “denial of business” will drive increased board oversight.