I loved this article from ZDNet on Garner’s prediction on identity management.
“Protected resources in the enterprise aren’t where they use to be and the move to the cloud has stressed and fractured identity and access management (IAM) to the point where it needs to be re-architected, according to Gartner.”
How true! There needs to be a way forward that is scalable to 6 billion persons worldwide! There is even mentioned “people-centric” approach. One prediction was that by 2020, over 80% of enterprises will allow unrestricted access to non-critical assets, up from <5% today, reducing spending on IAM by 25%. This is aligned to how transparency will have a new place in the society of the future.
I've been thinking and talking a lot about how we must turn how we do security upside-down, re-architec, do it different. The present approach is not working, and hasn't for a long time. I am referring to "people-centric", "device-centric", "information-centric" and a future with increased transparency. There is nothing new with the information-centric, this after all was drafted by the Jericho forum in 2002, their 10 commandments basically stated de-peremiterization of security controls, i.e. put the security as close to the information as is possible.
You should check out what Lequa is doing in the space of IAM. I am 😉