Identity and access management (IAM) is a mature and well understood domain of security. That doesn’t mean it’s static. While IAM is commonly associated with security — indeed, it is an essential part of a holistic security program — many people are beginning to understand the business processes it represents as well. They therefore view it as an IT operations topic. The truth is likely both: It blurs the lines between security and operations.
Recent trends in this area reflect the mainstreaming of IAM into the business. My colleagues and I have seen this manifested in five important ways, and we expect these trends to continue in the coming year. Each of these areas represents an opportunity for chief information security officers (CISOs) to take advantage of recent trends.