The Identity and Access Management (IAM) industry is moving at such a dynamic pace, making predictions can be tricky, but it's never boring. IAM has undergone profound changes in recent years. It's not over-reaching to say that IAM looks vastly different than it did only a few short years ago, and this is just the beginning. We expect many more changes in the months and years ahead. Here's a countdown of just a few of the things we expect to see in 2017:
#6 Digital Business Drives the Need for Consolidated Identities Data silos have been a challenge for enterprises for a long time, and they are an even bigger obstacle as digital business gains traction. Organizations are collecting customer, employee and partner identity data from a growing number of digital touchpoints. At the same time this data is needed across multiple apps, channels and third-party service providers. It's the perfect storm for disjointed customer experiences and security vulnerabilities unless businesses aggregate this data into a single identity for each person--an identity that can be consistently used and secured.
#5 Ubiquitous Sensors Make Contextually Aware Security a Reality Sensors are becoming more affordable, and as the Internet of Things grows, they are showing up in all aspects of our lives, from fitness wearables to automobiles and mobile phones. Organizations can gain real-time insight into the context around user activities such as place, time and corresponding events. This information makes it possible for businesses to provide highly relevant services and offers that improve convenience and increase value. What's more, this information has the potential to make the digital world more secure. Sensors can detect behavior or geolocation anomalies and trigger additional security controls to protect access to data, apps and systems.
#4 Authentication Standards Adoption Accelerates As companies rush to launch new apps and digital channels to increase their competitive standing over the course of the year, interoperability will be the defining factor in the digital ecosystem's evolution. More organizations will make adherence to standards mandatory, particularly in the area of authentication. The FIDO Alliance's authentication specifications will continue to be a driving force in the adoption of standards protocols that reduce reliance on passwords. Plus, we will see massive adoption of AppAuth protocols for native app single sign on (SSO). AppAuth enables developers to implement best-practice federated SSO using OAuth 2.0 and OpenID Connect, the most widely adopted standard according to our recent 2016 State of Digital Transformation Survey. Google has already announced that developers need to use AppAuth and we expect more companies to do the same.
#3 Multi-factor Authentication (MFA) Moves Us Further Away from a Password-Only World Security threats will continue to rise both in frequency and variety, including phishing and account takeovers. CISOs will combat this by stepping up their Privileged Account Management (PAM) initiatives and mandating multi-factor and two-factor authentication for access to all systems and apps. We won't see a passwordless world just yet, but we will move further away from a password-only world in 2017. The urgency to implement MFA will be a driving factor for our #4 prediction above about increased standards adoption.
#2 Perimeter-Based Security Crumbles in the Face of Securing Data in the Cloud The on-going migration of traditional corporate resources from the data center into the cloud is only going to increase in 2017. This will put even more strain on security resources that were built for perimeter-based security programs. Security teams will need to imbed security with the data and at the endpoints. End-to-end data encryption and intelligent access controls that ensure only strongly authenticated users have access to the right data at the right time will be critical to improving cloud security. Visibility into data use patterns and early detection of data use anomalies will also be keys to protecting data in the cloud.
#1 Enterprise IAM Focus Will Shift to Consumer IAM (CIAM) and the Identity of Things The number one prediction for 2017 in the IAM world is a dramatic shift in focus. Enterprise IAM that manages employee and partner identities will continue to be important, but digital business will escalate the need for consumer identity management and identity management for things in the Internet of Things (IoT). We've already seen the beginnings of this pivot in recent years, and in 2016 analysts, like Forrester and Gartner, officially recognized CIAM and IAM for IoT as emerging market segments. In the next twelve months we'll see a tipping point in which IAM becomes central to digital transformations, including the adoption of cloud and IoT. IAM platforms with multi-faceted abilities to secure identity data, handle massive volumes of data, enforce privacy controls, and increase the usability of identity data will lead the shift.
We've said it many times before; it's an exciting time to be in this industry. We continue to hold onto our vision of digital freedom though identity defined security and customer engagement. We're looking forward to the opportunities that these changes and challenges present to innovate and advance the state of the industry next year, and it will be interesting to check back in this time next year to see how our predictions fared.
We'd love to know what you think about our predictions and hear about predictions that you have. That's why we're hosting a Tweet Jam later this week. To join the discussion follow #identitychats on Twitter Thursday, December 15th at 1:00pm MT. For more information, participation guidelines and general background information, see our previous blog post.