2018 Trends & Predictions in Identity Management

With financial resources, reputation, and intellectual property to protect, industry and government must ensure that the right people have the right access to the right resources for the right reasons. This has never been more important as attack surfaces expand to include mobile devices and cloud platforms; privileged accounts have more access to data than ever before; and unstructured data proliferates.

Sila sees the following trends in identity management as organizations strive to address business processes, technology, and information that support authentication, authorization, and auditing of user access to information resources, data, applications, and systems.

Managing the identity lifecycle for bots, extending to governance and accountability of bot activities, will gain prominence. More businesses are relying on bots to perform business processes to improve efficiency and bring down costs. Bots require entitlements to perform these tasks, and these entitlements need to be audited and governed. It is also necessary to implement controls around these bot identities to apply all principles of identity management. Identity and access management solutions need to be tailored to meet these requirements.

There will be increased adoption of single sign-on, multi-factor authentication, and password-less authentication. A trend that has been in the making for the past several years will be cemented: the recognition that identity is an organization’s biggest vulnerability and digital identity is at the frontlines of security. This will result in increased adoption of authentication and authorization management technologies.

The European GDPR rules will be a driver for U.S. companies to pay more attention to data governance. As the need to protect sensitive data increases, companies will increasingly enforce access controls across unstructured data repositories, and be more proactive in identifying the location, flow, and usage of sensitive data.

User ownership and democratization of identity will be the foundation for Identity 3.0. Users are increasingly taking ownership of their identity, mirroring growing privacy and security concerns and an increased awareness of the vulnerability of digital identity. Global enterprises need to focus on providing solutions that help users manage their privacy while focusing on security. Balancing compliance with privacy regulations like GDPR and increasing automation around bot identities will require laser focus on processes and tools to support this new paradigm. Investing in solutions that propel organizations toward Identity 3.0 will be a key focus area.

Blockchain will become less theoretical and see some practical applications in identity management. In today’s digital world, consumer identity management is centralized. For example, financial identity attributes are managed by credit bureaus and banks, whereas other entities manage social and work histories. Each manages identities in an isolated and centralized manner. In tomorrow’s digital world, however, identities need to be decentralized and federated. Inherent with this decentralization is the need for distributed trust models that can be incorporated by consumers to perform business transactions. Blockchain can provide that by helping to build a distributed trust model to ensure privacy by only granting access to necessary parties.

In a related development, early adopters will take small but concrete steps towards using blockchain-based architectures to automate B2B business processes involving suppliers and other third-party organizations. This will reduce transaction costs, increase transaction speed, and improve security.