For those of you following the progress of my book Virtual Identity, I just completed Chapter 3 Evolving The IAM Architecture, and would like to offer a preview of the goodness to come.
Effectively addressing IAM requires that the organization be able to understand and engage with a dynamic, changing, and complex business environment. The IAM architecture must evolve to easily integrate with cloud applications, federate with partners, support multi-factor authentication and enrich authorization and access policies. Whether your organization likes to be agile, adaptive or lean, the IAM architecture must evolve to support the growth mindset that charges the business to increase revenues, improve efficiency, achieve regulatory compliance and embrace new operating models with the cloud and services in mind. All the while, the IAM architecture must evolve as the business evolves, taking the following opportunities into consideration:
- The opportunity to transform the IT operating model from legacy to ITaaS
- The opportunity to securely integrate with partners and third parties, extending operations outside of the corporate network to business networks for distributors, resellers and developers
- Replacing legacy IAM stacks with more cost-effective tools appropriate for the needs of the business
- Applying IT policies consistently, from server farms and infrastructure to databases, ERP and HR applications, enterprise portals, mobile applications and the growing number of SaaS applications utilized by the organization
- Monitoring, threat modeling, threat detection, remediation and governance for SaaS
These opportunities are not to be overshadowed by the threats and vulnerabilities facing organizations today, many of which were discussed in Chapter 2 Security Driven IAM. From an architecture perspective, we need to expect that nothing short of massive scale, security and governance of IAM will allow organizations to realize the full potential of IAM and GRC initiatives, integrating important high-level capabilities as shown in the following figure, The Venn of IAM and GRC.