The new world of IAM (Identity Authentication Management)
The market trends push us to try to handle identity management in a secure way. The increase in systems that ask for credentials outside of a secure environment continues to grow, and with this we are faced with possible security breaches, Whether due to a lack of awareness on the part of users or due to exhaustion, a weak password always ends up being typed in at the end.
And this is where an IAM comes into play, this piece will allow us to enter all the environments from a single point and with unified security standards, but what should an AMI have?
As its name suggests, identity governance, while it must be flexible and have the capacity to adapt to existing and new systems, is a very important part of an organisation and should never be an impediment to its growth.
Enable multi-factor, improving security will be key in an IAM. and therefore enabling unified multi-factor will greatly increase security, either with a trusted device or a physical element such as a biometric.
Trusted devices, should they be controlled, is something to consider, if an organisation only has its own devices for all its employees why not manage it from this point and only allow access from them. More and more devices are being used mobility devices, as well as applications for the same so they have to be controlled, not to mention the cloud environments that continue to grow steadily.
But is this easy? No, implementing an IAM is something that involves a significant initial effort for companies, although in the medium term it will gain in flexibility and will require less human effort when registering users.
Not only would we gain in flexibility, it will be possible to controlling access to data, This would fulfil a requirement under the GDPR, this is the evolution to an advanced IAM that not only manages identities but also access to organisational documents.
What else can we expect from IAM systems? A leap to blockchain, there are already some projects that are testing blockchain identity which will guarantee the secure storage of information.
So all that remains is to choose the one that best suits our organisation and mood.