Earl Perkins, the Gartner IAM analyst, spoke today at SailPoint’s Navigate conference about the future of the technology. He covered how businesses are evolving to take the best advantage of managing their identity collections. One item was his opinion on how some IAM projects fail because “IT tries to find a group to stick an IAM project onto and justify its own purchase. Projects stall because they are poorly planned out, or because IT didn’t get an executive level sponsor who gets what they are trying to do. It is also difficult to measure an IAM program’s success.”
Despite these obstacles, IAM is evolving into becoming more of a business decision, where a few years ago it was mired in the tech area exclusively. “We have moved beyond handling simple compliance justifications into a new realm, where we are more concerned about the aspects of risk management. People are ready for that now, and its time has come,” he said during his presentation.
What does this mean? Take the use case of BYOD, and the issues around what devices IT should bless and manage for the enterprise. This comes down to evaluating relative risk of various IT actions. “BYOD is really a risk issue: how much risk as an enterprise are you willing to accept for the number of devices you are willing to support?” Perkins says it really doesn’t matter what the eventual decision is, because ultimately the enterprise is going to pay for the consequences one way or another. Instead of hiding one’s head in the sand, IT should “embrace mobiles because the business has spoken.” Instead of anointing particular devices, he says enterprises should be “willing to divide up their support into different trust and service levels. This is all part of having the right corporate culture which needs to be able to have conversations about relative risk.”
Perkins had some good advice for IT: “make it a business decision and remove the passionate and emotional arguments. Then it just becomes a math problem.”
Perkins picked several emerging trends:
- Cloud options are beginning to mature, grow in scale, and become more numerous and varied in their support options too.
- Greater support for new mobile identity options is making increased demand for integrated asset management.
- IAM is moving into more analytics and integrating with Big Data approaches. “We still suck at what data we need to collect as we move through the IAM process,” Perkins said during his presentation.
- Socialization of data is expanding the various options available to enterprises. He mentioned today’s SEC ruling that allows public companies for the first time to mention news using social media channels.
- As IAM matures, processes and organizations are finding new uses and it is becoming more mainstream. He did say that part of this maturation is that eventually the customization demands for IAM will decrease.
You can also read some of the things Perkins has written about the future of IAM on Gartner’s blog here.