Vadim Lander, Symantec Identity Management Security Chief Architect and CTO, Broadcom is to give a presentation entitled The Dawn of Digital IAM on Monday, September 13 starting at 17:40 pm at EIC 2021.
To give you a sneak preview of what to expect, we asked Vadim some questions about his presentation.
How would you describe the state of identity today?
I think in the identity management space today, we're seeing a number of challenges. Identity is often called the last perimeter or sometimes the only perimeter and now identity has become a highly critical component of the enterprise architecture. And as enterprises continue to figure out how they need to grow, how they need to compete, how they need to pick up the right kind of IT infrastructure. They're also looking at how to modernize their investment in identity and access management, how to modernize the IM architecture itself, to be able to implement the kinds of experiences that businesses need to deliver to their customers. So that is creating what I would say, a revolution for identity and access management, requiring IAM to be revolutionized, modernized, and then rethought in terms of how does it behave? How it's supposed to integrate, and then how is it helping organizations to create great customer experiences?
How should or could identity evolve?
I think identity, for the most part, typically looking at it from three perspectives. One perspective is, how does it help a business create the right user experiences? We, as consumers, as employees, as business partners always want to see 360 of the enterprise, of the organization, and then the organization needs to see 360 of us, of our identities and sometimes we call that omni-channel. So, one dimension that identity has to evolve in is in terms of being able to provide us with capabilities across different channels while maintaining security, while maintaining great user experience, while maintaining the right level of privileges. To ensure that identities get what they need and then enterprises handle this security the right way.
The second point is about being able to bridge the question of entitlements. We've always, as an industry, struggled with what is an entitlement then? How do you properly align the use of the entitlement with the management of entitlement? And so this is the “I” in the IAM as Identity, and the "A” in the IAM is access and being able to fuse the identity aspect of who can do what, and then the access aspect of what are they supposed to be able to do, is really the question. And, we're seeing now steps you need - IAM architecture - to be able to fuse these into fewer data models, simpler data models, and easier to administer, and easier to manage this kind of relationship.
And third is, I would say, it's the architecture itself, how do we practice identity management? How do we run identity management? Where does it run? So being able to create an environment where identity management itself as an IT architecture can take advantage of modern compute infrastructure, of modern cloud or hybrid cloud environments, and being able to connect the dots across the extended IT fabric of the organization. So the “I” in itself as an architecture is now undergoing changes to be able to take advantage of the latest advances in compute fabrics.
What should be done to make digital IAM a reality?
I think it starts with the understanding of what are the goals? What are the business drivers here? Are we looking at expanding or making the user experience great across Omni channel? So, we need to help with the modern way to authenticate identities. The passwordless starts to come into the picture, but not just the passwordless, but also the right level of risk management. Every IAM decision that has to be done with some form of risk being measured and acted upon - and this is exactly, for example - where zero trust principles, zero trust computing comes into the picture. So you have to understand exactly “where are the business needs”?
How do we help users have much better user experiences? Where do we need to invest to create a more secure and while making it more agile environment? And how are we able to delegate these capabilities to the line of business, to the application teams that have to be able to ramp up their application environments, get the new business apps out the door. So, the line of business teams, the application teams, the IAM program teams and the IT infrastructure have to work together to make this a reality now.
Are Identity Fabrics the key to digital transformation and the future of IAM?
I think so. I think what we mean when we say identity fabrics is, we mean availability of capabilities. We mean on demand availability of identity, dial tone, which doesn't necessarily mean identity as a service, in terms of SaaS infrastructure. But what it does mean is being able to incorporate identity and security capabilities into the fabric of your applications, no matter where those applications may be now that we don't have a perimeter anymore. Identity is the perimeter. And we need to make sure that the decisions we make regarding identity, regarding who you are, what you're able to do, what are your privileges? Those decisions can be incorporated into the fabric of your applications and that requires use of standards, that require use of APIs. So, I would say now the identity has to be a hundred percent API driven, so they can be incorporated into the fabric of your environment. And that's really where the notion of fabric comes into the picture, meaning that you can put together these scenarios and then have the right level of identity and security products as the fabric of your apps.
Could you give us a sneak peek into your presentation: “The Dawn of Digital IAM”?
Yes. So, I'll just mention a couple of things. One is I'll be talking about identity and access management in terms of how it's being modernized. So, how do I think it used to be modernized? What are we, as an organization, doing to help our customers modernize their identity and access management infrastructure? How does this relate to zero trust principles? Because zero trust - being able to incorporate risk into everything we do and making sure that the identity management itself can be seen as an omni-channel, continuous fabric of identity capabilities - really part of this new architecture that IAM used to deliver on. We are working on that. We are working on helping our customers modernize the environments. And, I do believe that the fabrics concept, and the notion of identity services really become key in this modern world.