Contributed article by Daniel Raskin, vice president of marketing, ForgeRock

Shifting from a "castle defense" to a mobile offense security model

The modern Web has enabled companies to create better relationships with customers andpartners by offering them easy access to company data. It has prompted a shift in the enterprise, making organizations more open but at the same time, they expect the same level of security. In 2014, I predict that we will watch the identity and access management (IAM) industry shift to address the evolving needs of the organization. Here are a few specific predictions:

Companies and CIOs will move their focus and investment from internal identity to external identity, driving top line revenue and new business models

Traditional identity is a classic "castle defense" model - focused on keeping things out, providing access to employees and lowering operational costs. As CIO roles shift and are now expected to help enable business to drive revenue, they will need to approach identity management differently. Identity management in 2014 will focus on helping drive revenue by focusing on external stakeholders like prospects, customers and citizens, instead of solely driving security and access management at the employee level. Along with this, a change in the technical values of identity systems will occur. New systems will need to manage data at Internet scale, while addressing a border free world that must support identity anywhere on any device and at any time.

Cloud, SaaS and mobile adoption will needidentity platforms that are contextual and able to make decisions in real-time

With theadoption of cloud, SaaS and mobile, enterprises are now dealing with a variety of environments. Before the adoption of cloud, all the data that was accessed was on premises, but now it is spread over a variety of platforms, bringing in a whole new level of complexity when it comes to access privileges and identity platforms. In this new business environment, real-time decisions must be based on context and relationships, rather than static role-based access control. For example, if a user is logging in to from an atypical device, they may need to go through a multi-factor authentication process to add additional layers of security, while assuring that the user with proper credentials is able to access the information without delay from the device of their choice.

The Internet of Things and consumerization of IT will lead to a divergence in the world of identity

The Internet of Things and consumerization of IT brings transformative elements to the enterprise, which will cause identity management to split into two realms - enterprise identity and access management (IAM) and consumer-focused identity relationship management (IRM). With more prospects and customers turning to the modern Web and accessing information on a variety of devices, identity management must become more dynamic. Organizations will turn to security and IRM solutions that are flexible and scalable enough to not only secure customer facing services but also drive relationships based on real-time attributes and context. By providing unbounded scalability and agile development, IRM willenable organizations to bring services to market quicker, helping to extendbusiness reach, speed time to market and drive top-line revenue.

As organizations begin looking for identity systems that are centered on embracing the modern Web and Internet of Things, 2014 will be an innovative and evolutionary year for the world of identity. Identity management will go far beyond simply securing Web applications, but rather it will focus on meeting prospect, customer and partner demands for a faster and more agile user experience and enabling businesses to drive new revenue streams.

##

About the Author