As 2014 unfolds, security professionals need to be on the lookout for some key trends in identity and access management. CA Technologies has provided a helpful list, as reported on the website Help Net Security:
“We believe that the technology trends of cloud, mobile and social will continue to heavily influence the direction and need for IAM in 2014, but we also see new business demands and enabling technologies joining in to put a twist on the IAM and security path for many organizations,” said Mike Denning, senior vice president and general manager for CA Technologies’ security business, as quoted in the article.
The expected trends are:
1. The software-defined, open enterprise will emerge. “The enterprise is remaking itself into a platform that developers can experiment with and innovate on,” the article reads. “Every IT layer from data to application to infrastructure to network is becoming service-enabled and software-defined through APIs.”
2. Hardware elements in mobile devices will become an increasingly important part of IAM. Rapid upgrading of mobile devices will make hardware-based security technologies widespread in short order, according to the article. Those systems will help solve some of the challenges that bring-your-own-device policies must address.
3. Lack of scalable identity proofing will continue to vex broader deployments. “The recent online user experiences as part of the Obamacare rollout demonstrated the logistical challenges of validating online identities in an accurate and scalable manner,” the article reads.
4. The Chief Marketing Officer will become a new force for broad identity management initiatives. Perhaps less applicable to federal agencies, but a trend nonetheless. CMOs will push for a stronger brand presence on social networks, in order to engage customers and capture valuable data,including user identities, social interaction patterns, and browsing and buying tendencies.
5. Risk-based authentication expands beyond Financial Services: Security mechanisms that are cumbersome meet resistance. “The need for both stronger authentication and a positive user experience will lead to the widespread adoption of risk-based authentication, in which contextual data about users, devices, applications, locations and other potential risk factors are collected and analyzed to determine a risk-level for the user’s identity,” the article predicts.
Financial services operations have already led the way toward risk-based authentication; 2014 will be the year they expand more broadly, according to CA Technologies.