This week, IAM and security professionals came together in Las Vegas for the Gartner Identity and Access Management (IAM) Summit to discuss the top trends and strategies across the IAM landscape in 2018 and beyond. From best practices for implementing mature solutions to discussions about the future of innovative technologies, the summit offered refuge to all the weary-eyed professionals looking to tackle their biggest security challenges.
Here are our top 5 key takeaways from talking to analysts, vendors, and customers:
1. Visibility is too fractured to offer any real value
Just about every vendor on the exhibition floor promised to help you see what is going on in your environment. This promise, however, comes up empty-handed. Customers feel frustration at throwing money at point solutions that promise them visibility into identities and endpoints both in and out of their network but still offer up blind spots. With the proliferation of cloud applications and unmanaged endpoints, it is difficult for point solutions to offer complete visibility. Would the answer to this problem be a marriage between Cloud Access Security Broker (CASB) and IAM to see access to unsanctioned cloud applications? Would it be to fix access control policies in your Privileged Access Management (PAM) solution? The answer goes beyond one particular point solution or a niche integration. Simply put: there needs to be a central security solution that can talk to the different point solutions and pull in the necessary data to present a unified and easily consumable view of all users and access.
2. Privileged Access Management is still too complex
Getting user access controls right seems like a daunting challenge. With employees changing roles, departments, and companies, protecting the organization from both insider threats and risky users seems like a never-ending battle. Customers simply want to reduce the number of privileged accounts and ensure that only the right people have the keys to the kingdom. However, responding to incidents and escalations is no easy feat. For PAM to work both seamlessly and securely, organizations need to find a solution that provides adaptive and continuous security, all while triaging incidents and escalations so that the burden doesn’t fall back on the administrator. User roles can no longer be defined by static traditional PAM policies, but must instead be just-in-time and adaptive to the behavior of the user.
3. Hybrid Cloud environments are here to stay and causing headaches
Just about every single customer we spoke to has a hybrid cloud environment. They want to move to Azure Active Directory (AD), yet they cannot get rid of their on-premises ADs and federation services. Moving to a complete cloud model is still far on the horizon, and for the time being, IAM practitioners struggle with the security challenges of maintaining identities both on the network and in the cloud. Not only are they assuming more security responsibilities that traditionally fell under the IT security team, but the challenges of a changing hybrid environment are becoming increasingly complex. From on-premises identity governance (IGA) solutions to cloud-based single sign-on (SSO) and multi-factor authentication (MFA), the challenge of applying consistent policies across all endpoints feels like a continuous race to the top. Security orchestration and automation for all of these solutions is becoming the only scalable solution for already overworked IAM teams.
4. Understanding user behavior is critical to mitigating modern risk
Most security solutions are binary. You set a policy. A policy is violated. Remediation services are taken. (Input A. Output A. Input B. Output B. Rinse. Repeat.) The problem with this kind of security model is that attackers are smarter than binary policies. Threats have now advanced to the point that many can circumvent traditional security solutions that act as one-time gateways. Responding to these new advanced threats requires an adaptive solution that not only monitors and assesses user behavior but also takes remediation actions based on the user’s identity and the risk of that particular behavior at that point in time. User and Entity Behavior Analytics (UEBA) is a starting point for better threat detection and can help drive adaptive auto-remediation policies across your entire environment. Security automation and orchestration that leverages UEBA is widely considered the best defense against new and advanced threats.
5. The CARTA framework is the future of addressing modern threats
Gartner presented its CARTA approach, a new approach to security that is adaptive everywhere and manages risk in a holistic manner. CARTA builds on Gartner’s Adaptive Security Architecture and pushes enterprises to embrace a continuously adaptive approach to information security because, in an increasingly digital business world, binary decisions – black or white, allow or block – do not work. IAM and security practitioners need to take a closer look at how to enable transactions when all the information is not available or there is a known level of risk. They also need to implement it in a way that increases efficiency and security operations. Point solutions are no longer sufficient to address the challenges that are posed in the modern IT landscape. Whether you’re trying to achieve a Zero Trust model, adopting a CARTA approach, or building a BeyondCorp platform, one thing is abundantly clear: IAM and security solutions can no longer be static and siloed.
Thank you to everyone who came to visit us at our booth. We had a great show and are excited to see you next year!