All Research
Leadership Brief
Identity and Access Management (IAM) have been with us long enough to develop a strong history, but also a strong mythos, that is, a set of beliefs or assumptions which might or might not be correct – or which may have once been correct but are no longer.

1 Recommendations

IAM is the granddaddy of identity related technologies, having been with us since the last century. But in that time, a mythology has been created including things that were once true but are no longer, things that are only partially true and things which never did have any validity. These are our recommendations for overcoming these myths.

  • Integrated architecture, services, applications and – equally as important – user education are necessary. No software alone can solve your IAM problems.
Identity Management has to cover everyone and everything.
Figure 2: Identity Management has to cover everyone and everything.
  • Dynamic, policy-based access control is necessary to protect your data and resources; static ACLs (Access Control Lists) no longer do the job properly.
  • Proper IAM, as well as proper governance, requires all users and resources are part of a single integrated identity domain – separate structures for on-premise business, industrial control systems and cloud-based services can only stay separate at the risk of massive data breaches.
  • Authentication methods all have exploitable flaws. Use risk mitigation techniques and policies to overcome their weaknesses. None of these methods is a “magic bullet.”
  • Employee education –especially in the area of IAM – must be an on-going process. To say that “they all attended an orientation briefing and signed the appropriate policy when they joined“ ignores the lesser fact that not everyone retains information from orientation and the greater fact that not everyone (e.g., partners, vendors, contractors) goes through orientation.
Full article is available for registered users with free trial access or paid subscription.
Log in
Register and read on!
Create an account and buy Professional package, to access this and 600+ other in-depth and up-to-date insights
Register your account to start 30 days of free trial access
Get premium access
Choose a package

Stay up to date

Subscribe for a newsletter to receive updates on newest events, insights and research.
I have read and agree to the Privacy Policy
I have read and agree to the Terms of Use