Another Gartner IAM Summit has come and gone and the theme of 2017's conference really followed (and confirmed) what I saw at RSA Conference and the Identiverse (aka Cloud Identity Summit) earlier in the year: It's time to start considering adding intelligence capabilities to your IAM tools, services, and programs.

IT knowledge doubles every year and being able to keep up is a serious problem for today's IT leaders. That same problem extends to information security and sub-specializations like identity and access management. Most IAM program leaders just do not have the time to analyze the vast amount of data being collected to spot trends, anomalies, or even spot identity service health issues. As we continue to shift from legacy/on-premise applications and into the cloud, we are going to keep generating more and more data. If your IAM program is not taking advantage of things like machine learning that can act as a force multiplier to your program, it’s time.

Gartner made some bold statements around this topic at their summit:

“By 2022, one third of all IAM processing will be AI driven to replace and enhance existing IAM process and management function, up from negligible today.”

“Through 2022, over 50% of IaaS security failures will result from inadequate customer management and privileges.”

“After 2022, 95% of IaaS security failures will be the customer's (your) fault.”

My favorite, though, was this nugget from their opening keynote:

"If your IAM product doesn't have intelligence, it should be out of the market."

Now that is a bold statement, especially from Gartner who tend to provide broader guidance. When even conservative groups are recognizing this trend, it's time to act. Of course, this assumes that you already have an IAM program and already have a stable of standard IAM services like automated provisioning, multi-factor authentication, single sign-on, and more. If not, you really need to play some catch up. For those that have their programs in place, there is no time like the present to see how you can get more value out of your IAM investments by integrating more intelligence into your capabilities. It’s the smart thing to do (terrible pun intended). And, as always, we are here to help if you would like to explore how these types of intelligent integrations can create that additional value.

Jeff Steadman

Jeff Steadman

As part of our advisory practice, I partner with our clients to help plan their IAM strategies. Prior to joining Identropy, I spent over a dozen years managing, building, and running Identity & Access Management programs, projects, and teams for SC Johnson and Walgreens.