According to a Forrester survey commissioned by ForgeRock, two-thirds of IT managers say process problems prevent them from moving identity and access management (IAM) systems to the cloud. IAM systems are struggling to move from the cloud to on-site services, a major challenge for processes.
Of the 313 global IT managers surveyed by Forrester, 80% have already adopted, plan to adopt or plan to expand cloud-based IAM efforts over the next two years. But half of executives lack key security practices and 88% say that technological problems, such as limited functionality and scalability, prevent the adoption of IAM in the cloud.
According to the report, a hybrid cloud approach to IAM can provide a better employee/customer experience and innovation opportunities. However, to realize the benefits, companies must overcome gaps in security, strategy and technology.
IAM systems define user privileges to create security barriers, and their cloud-based supply will provide businesses with more access and visibility on who can access what.
Cloud-based IAM allows IT professionals to manage permissions from the cloud environment, but providing security from a cloud model can be a difficult migration.
“Companies are moving quickly to the cloud to save money, but they still have many enterprise-critical applications running on-site,” the report says. Managing IAM infrastructure in the cloud and on-site creates a “disjointed model of a disjointed model that can raise many security and user experience issues.”
Almost all (98%) IT managers report cloud-related MAI issues, including a lack of visibility on IAM systems for a complete security picture and increasing complexity caused by migration.
Visibility across the IT ecosystem underpins cloud and on-site security efforts. Jim Brennan, product manager at BetterCloud, recommended introducing automation to gain visibility across the entire computer stack in an interview with CIO Dive earlier this month.
Automating workflows to manage configuration settings or applying automation to external user accounts can be applied to the IAM process for additional security guardrails.
The introduction of new policies, processes and procedures into the technology stack also brings new layers of complexity to manage for IT departments and other employees. In an environment filled with disparate applications, empowering and authenticating each user can be a daunting task.
To reflect the complexity and mobile elements of the IAM ecosystem, Target has strengthened its identity management efforts with a zero-confidence philosophy, CIO Dive reported in 2019. The zero trust approach takes into account the problems of redundancy, shared accounts, integration and inactive use. .
IAM’s efforts remain a popular approach to cybersecurity. According to a Ping Identity study, 70% of global business leaders plan to increase their spending on MAI over the next year.