Courion Corporation

IAM: More Than Just a Technology Play

Identity and Access Management (IAM) is more critical than ever to organisations of all sizes. Even some of the largest companies in the FTSE 100 still use manual processes for tracking who has access to what. Such systems are often paper-based, or involve multiple standalone IT systems. Either way, it can be a time-consuming process to enable access, and an even harder one to take it away again. A poorly implemented manual process will buckle if you have to do it for 1,000 people in quick succession.

The current spate of job losses, mergers, acquisitions and data breaches have prompted several companies to take action to automate and modernise their access management processes and IT.

So significant is the issue, research group RNCOS released last month is forecasting that the IAM market will grow at a compound annual growth rate (CAGR) of nearly 23 percent between 2009 and 2012. Europe and Asia-Pac will account for nearly 62 percent of the market by 2012 according to the research, largely because of spending on IAM in the major financial services centres.

As Gartner rightly points out in recent coverage on vnunet.com, the knock-on effect is that many rush in and choose a solution based on reputation rather than proven capability. No IT solution should be chosen on that basis alone, especially a security solution.

A sound upgrade of any IAM system and process is achieved through the considered and planned deployment of technology and services, with clear objectives for efficiency improvements and longer-term cost saving in mind. For this reason, investment in any IAM solution - especially if it is to replace an existing solution or group of disparate systems - must not be a snap decision.

Of course, IAM is more than just a technology play, even the best technology deployment needs to be supported by clearly-defined policies and staff education to ensure that best practices are adhered to at all times.