The Case for IAM: Three Reasons to Develop Your IAM and Authentication Practices

Everyone within an organization understands the need for basic authentication, if only for ensuring email accounts and laptops are being used by the appropriate people. But not everyone outside (or even inside) of IT sees the importance of allocating resources to identity and access management (IAM) as a standalone authority.

As a matter of fact, one of the top five IAM issues to be addressed at this year’s Gartner IAM Summit highlights just this problem. “IAM leaders struggle with getting their organizations to recognize that IAM is a distinct discipline that requires focus and commitment,” the program said.

Three Reasons to Prioritize IAM and Authentication

As such, below are three reasons why IAM, and specifically authentication, is an area that your organization not only needs to but should also want to develop.

1. All Data Breaches Are an Identity Problem

What is a data breach other than an unauthorized user accessing sensitive information? By definition, a data breach is an IAM issue, and many organizations fail to recognize that this important discipline could have the single most significant impact on reducing data breach risk. According to Verizon’s “2016 Data Breach Investigations Report,” weak, default or stolen passwords account for 63 percent of confirmed data breaches.

Furthermore, with the average cost of a data breach amounting to $4 million and growing, establishing strong protection against data breach risk is an organizationwide issue, not just an IT matter. Costs associated with data breaches continue to climb, in part due to the fact that the costs of lost business and detection are growing and churn rates have increased by 2.9 percent. As these costs increase, there is no better time than today to build up a stronger defense.

2. Security Threats Often Come From Within

Keep your enemies close and your friends closer. When it comes to securing the strongest trade secrets, upcoming launches, new offers and other sensitive data, it is easy to immediately identify the enemy looking to steal this information as a competitor or the like. But IBM’s “2016 Cyber Security Intelligence Index” reported that 60 percent of attacks were caused by insiders.

Be it knowingly, inadvertently or otherwise, insiders such as employees and third-party business partners are placing sensitive information at risk for malicious individuals to capitalize on. Therefore, it is more important than ever to ensure your authentication process is strong and continuous throughout a user session.

Why now? The number of attacks carried out by insiders has been on the rise: Whereas insiders were responsible for 55 percent of attacks in 2014, that figure bumped up to 60 percent in 2015. With no signs of slowing down, strong IAM and authentication could not be more timely.

3. With Bigger Business Comes Bigger Responsibilities

More users, more applications, more business processes. In an increasingly and already heavily digital world, IAM directly supports the growth and continuity of a business.

Sure, it is unrealistic to say that IAM enables all business growth. However, the processes of onboarding an employee, setting up a secure mobile application to interact with customers or other operations would be unsustainable if not for an IAM platform to correctly authenticate and authorize each user.

Maintaining quick and easy business support for customers and employees alike can help sustain customer satisfaction as well as the quality of future interactions with your enterprise. As Gartner noted, “IAM leaders must develop a vision and road map, build the business case and communicate architectural requirements as well as the tools needed to successfully build their IAM programs.”

Download the buying guide: Realize Business Value by Choosing the Right Identity and Access Management Solution

 

Share this Article:
Patricia Diaz

Portfolio Marketing Manager, IBM

Patricia Diaz is a worldwide Portfolio Marketing Manager for IBM Security. Since joining IBM in 2014, Patricia has held roles in sales and product marketing within the Analytics and Security business units. She holds a BBA from the Stephen M. Ross School of Business at the University of Michigan.