editor ’ s question

vents like Identity

Management Day – held on April 12 every year – are doing their job in highlighting the importance of securing and managing digital identities . In the past , Identity and Access Management ( IAM ) has been sort of an afterthought – organisations hadn ’ t recognised how having a handle on identity management can cause a genuine security risk to the business . However , according to recent research , security professionals named an identity management solution as the number one priority to address their current security gaps . Evidently , IAM is becoming recognised as an important process to have within a business .

This has been particularly apparent in the past year with governments implementing more initiatives to ensure organisations are following the best cybersecurity practices , including identity management . The recent White House Zero Trust strategy was a prime example , stressing the significance of consolidating identity systems so that protections and monitoring can be applied .

We have seen , however , that all too often organisations store identity data across different applications which all use a variety of protocols and therefore cannot communicate with each other . What ’ s more , the number of identities relating to a business is expanding and as the IT estate grows , the more unwieldy it becomes . This is called identity sprawl which inevitably hampers the ability of organisations to manage , audit and control digital identities .

New security frameworks such as Zero Trust rely on accurate and accessible information about the people , objects and devices that interact with its network . And it ’ s the quality , the granularity and the availability of that information that determines the security

or vulnerability of the organisation . Managing this identity data is essential in order to understand the security risks to the business .

So , what is needed going forward for 2022 ? Having a unified and logical identity system , such as an identity data fabric , is crucial . An identity data fabric provides a connective layer that sits between consumers of identity ( applications , services , as well as other identity solutions that provide access management and governance ) and all the silos of identity data . Applications now have one reusable service that they can connect to for unified and normalised identity data , on-premise or in the cloud , using the format and protocol of their choice . As a result ,

GREG SMITH , SOLUTIONS ARCHITECT AT RADIANT LOGIC

applications can effectively delegate the complex identity integration work to the fabric and focus on the core capabilities they were designed for .

A single version of identity truth – one place to go to get everything that ’ s needed , in exactly the right format every time – is something that organisations should consider when moving forward with their identity management plans . The ease of which this solution can be applied to a business will mean organisations will have a better security posture because their identity data is in one place . A flexible and manageable resource will ensure that organisations are finally able to gain control over their identity data and turn it into something that works for the business .

28 www . intelligentciso . com