Monday, February 13

Is the era of Identity Management behind us?

From a forthcoming paper I'm working on:
The era of identity management is behind us. It’s not that we don’t still need it, but there are plenty of mature solutions on the market to help organizations manage user accounts across systems. Over the past decade, we built the core technologies, added features and workflow, and built numerous useful solutions on top of the platforms. It has all led to this. We’re now in the age of Access Governance.
What do you think? Am I overstating it? The point is simple. We've done a pretty good job figuring out how to help organizations centrally manage user accounts. The question has now shifted to management and audit of rights across the enterprise. It goes beyond the typical Identity Management sandbox. It's not just user accounts in various repositories. It's unstructured data. It's evaluating security policies in addition to share and folder permissions to figure out true file system effective rights. Or where user accounts are being used to run Windows services. Or where they have GPOs applied to them. This is the new frontier.

More to come.


Alek Davis said...

I'd say this is an overstatement, at least as long as we agree on the meanings of "plenty" and "mature". :-)

Steve said...

I think you could argue that there never was an era of identity management.

Matt Flynn said...

@Steve - Well, I realize from a general IT standpoint, nobody thought of it as the era of IdM, but IdM (user management) was probably higher on the attention scale than it may ever be again. Attention has shifted.

@Alek - you may be right ;) ...but in fairness, if you want to automate the creation and management of accounts, it's not too difficult to get it done at this point.