Thursday, March 12, 2009

Four Identity & Access Management Predictions for 2009 and Beyond

Gartner, Inc. has revealed its key predictions for identity & access management (IAM) between 2009 and 2011. Analysts have identified forward-looking assumptions around smart-card authentication, identity-aware networks, hosted IAM and out-of-band (OOB) authentication.

By 2011, hosted IAM and IAM as a service will account for 20 per cent of IAM revenue. Solution sets related to intelligence, administration, verification and access are evolving from software-centric platform delivery models to composite services models. These reduce the costs of implementation and use and prepare for a more-mature production-centric approach to delivering IAM as a service. Markets for first-generation hosted and managed IAM services address relatively mature implementations. They enable customers to focus their technical planning and delivery on less-mature feature sets such as access and intelligence.

A growing percentage of the revenue realized by IAM vendors and service providers will be made possible by the next step in the IAM maturity model, toward hosted IAM and IAM as a service. Gartner recommends that existing users of IAM solutions evaluate service-based options for extending those solutions, rather than significantly upgrading them. Those that have not deployed a significant IAM solution should include service and appliance options in their review to gauge the progress of IAM maturity and its suitability.

Through 2011, 20 per cent of smart-card authentication projects will be abandoned and 30 per cent scaled back in favor of lower-cost, lower-assurance authentication methods. The use of smart cards with public-key credentials is generally regarded as a high-assurance authentication method. However, provisioning and managing smart cards and the necessary desktop infrastructure are relatively expensive. A risk-based approach may force some organizations to implement two or more authentication methods, which are likely to include smart cards. This will drive the adoption of versatile authentication servers (VASs), which provide a single infrastructure for multiple methods and a single integration point for the local network and heterogeneous downstream applications.

Gartner recommends that organizations with a free choice of authentication methods for local access should take a scenario-based approach to selecting new authentication methods, based on risk, end-user needs and total cost of ownership (TCO).

By 2011, 30 per cent of large corporate networks will become ‘identity aware’ by controlling access to some resources via user-based policies. Most corporate networks are anonymous, because they forward packets based on internet protocol (IP) addresses, rather than users' identities. Identity-aware networking (IAN) adds identity awareness to networks in order to monitor user behavior and enforce access based on a user's identity, blocking access to resources that a user is not authorized to access. Some solutions also provide audit trails that satisfy auditors.

Gartner recommends that network managers and others responsible for IAM projects develop strategies for making networks identity aware. They must ensure that all new network infrastructure and network access control equipment purchases have the capability to support this strategy.

By 2010, approximately 15 per cent of global organizations storing or processing sensitive customer data will use OOB authentication for high-risk transactions. The security measures that most financial institutions and other service providers have in place are proving inadequate in the face of new cyber-crime attacks against customer accounts. Man-in-the-browser (MITB) Trojan attacks in particular are rendering most installed stronger user authentication measures ineffective, so organizations are turning to OOB user authentication and transaction verification for high-risk customer transactions.

Most global businesses that implement OOB authentication and transaction verification will use customer-owned landline and mobile phones as the “something you hold” factor. Users must understand and trust OOB calls or SMS messages delivered to their phones, and service providers must ensure that they have reliable working phone numbers (and backup numbers) for their customers. Another problem is that Trojan horses and other forms of malware now prevalent on PCs will become common on smartphones in the next few years, which may render OOB authentication methods that use smartphones insecure and ineffective.

More information on the service and support industry can be found at www.Supportindustry.com