As most of us are just getting comfortable writing “2020” on checks and journal entries, the identity and access management (IAM) industry is far from settling down. The new year finds IAM undergoing a machine-learning-enabled “phase shift” that will make processes dramatically smarter and far more agile, automated, and vigilant than ever before. This shift is proceeding at varying speeds for different IAM tool markets. The maturity of machine learning approaches to identity analytics varies by use case and individual vendor. But the shift is happening, and knowing where we stand right now will guide us to where we’ll be by the time 2020 gives way to 2021 and beyond.
Leveraging machine learning and AI has gone from pipe dream to best practice, and they are vastly transforming identity and access management architecture, especially in the areas of adaptive access, privileged access management, online identity proofing, and identity governance and administration.
As the industry matures further towards a complete Zero Trust model, we take a look at the key components and founding tenets that constitute “smart” and forward-thinking IAM solutions in 2020.
Garbage In, Garbage Out
A foundational concept for data science is what’s known as “Data Cleaning.” This term refers to the process of identifying unrefined or irrelevant data and refining or excluding it as necessary. Naturally, analytics and machine learning are driven by data – so to ensure everything runs as smoothly and effectively as possible, you have to make sure your data is of the highest quality.
When dealing with large volumes of data over a lengthy period of time, the quality of your data is even more important. An effective IAM tool should be able to filter data from a typical user’s access path – from mobile phone and endpoints, through a network comprising firewalls, through the authentication points, to the application – and “learn” about access patterns and typical behavior. But it all starts with knowing what’s superfluous and what can give you the “cleanest” data.
When the analytical tools are able to pinpoint vital data and use that to discern between typical and atypical user behavior, they are identifying context for the data they accrue. In 2020, as we move towards the Zero Trust security model, context will be increasingly significant. If your IAM solutions are able to identify the right data sources, they will be able to paint a more detailed and complete picture of user activity and be better equipped to flag anomalies.
Working with your ideal data sets begins by setting a baseline: gathering login and app launch activity and other common factors. The tool then drills down into variances in location, time, and nature of work in order to create a “digital fingerprint.” The user becomes their own authentication device – the “identity” in IAM.
The process of reducing the number of attributes or information types – known as “dimensions” – in your dataset in order to promote the most effective and “clean” data is referred to as “dimensionality reduction” in data science parlance. You may also have heard Data Science/ML professionals grouse about “the curse of dimensionality.” This will be a key factor for building strong IAM solutions going forward.
It may seem contradictory to what we discussed earlier – isn’t having more dimensions better? Aren’t you getting a more reliable sense of behavior patterns? – but the truth is your behavioral variance model doesn’t need every possible dimension explored in order to be effective. Identifying the principal components and establishing baselines for the users’ normal behaviors will allow you to then use one of the many methods and algorithms available to detect deviations. This is called anomaly detection, and many of the popular machine learning methods for it can be applied to these datasets.
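The baseline, dimensionality reduction and deviation check described above, as an added example (not from the original article or any vendor's product): a pure-Python PCA over one user's login events that scores new events against the reduced baseline. The feature names, the baseline rows, k=2 and the 1.5x threshold margin are all assumptions made for illustration.

```python
import math

# Constructed baseline for one user (not real data):
# (login_hour, km_from_usual_site, apps_launched, mb_downloaded)
BASELINE = [
    (8, 1, 4, 22), (9, 2, 5, 31), (9, 0, 6, 40), (10, 3, 7, 52),
    (8, 2, 5, 28), (9, 1, 6, 44), (10, 0, 4, 25), (8, 3, 7, 55),
    (9, 2, 4, 20), (10, 1, 5, 33), (8, 0, 6, 41), (9, 3, 7, 49),
]

def fit(rows, k=2, iters=200):
    """Standardize the baseline, keep its top-k principal components, set a threshold."""
    n, d = len(rows), len(rows[0])
    mean = [sum(r[j] for r in rows) / n for j in range(d)]
    std = [math.sqrt(sum((r[j] - mean[j]) ** 2 for r in rows) / n) or 1.0
           for j in range(d)]                      # constant feature -> scale 1.0
    z = [[(r[j] - mean[j]) / std[j] for j in range(d)] for r in rows]
    cov = [[sum(x[a] * x[b] for x in z) / n for b in range(d)] for a in range(d)]
    comps = []
    for _ in range(k):
        v = [1.0 + 0.1 * j for j in range(d)]      # fixed start vector
        for _step in range(iters):                 # power iteration
            w = [sum(cov[a][b] * v[b] for b in range(d)) for a in range(d)]
            norm = math.sqrt(sum(x * x for x in w))
            v = [x / norm for x in w]
        lam = sum(v[a] * cov[a][b] * v[b] for a in range(d) for b in range(d))
        comps.append((lam, v))
        # Deflate so the next pass finds the next-largest component.
        cov = [[cov[a][b] - lam * v[a] * v[b] for b in range(d)] for a in range(d)]
    model = {"mean": mean, "std": std, "comps": comps}
    # Assumed margin: 1.5x the worst score seen in the baseline itself.
    model["threshold"] = 1.5 * max(score(model, r) for r in rows)
    return model

def score(model, event):
    """Distance inside the reduced space (T^2) plus what the k components miss (Q)."""
    z = [(x - m) / s for x, m, s in zip(event, model["mean"], model["std"])]
    proj = [sum(a * b for a, b in zip(z, v)) for _, v in model["comps"]]
    t2 = sum(p * p / lam for p, (lam, _) in zip(proj, model["comps"]))
    q = max(sum(x * x for x in z) - sum(p * p for p in proj), 0.0)
    return t2 + q

def is_anomalous(model, event):
    return score(model, event) > model["threshold"]

MODEL = fit(BASELINE)
```

With this constructed baseline, a 9 a.m. login from the usual site stays under the threshold, while an 11 p.m. login or a login 4,200 km away with a 900 MB download is flagged.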
Automation & Orchestration
We’ve covered how AI can build a behavioral pattern as a means of differentiating secure from suspicious activity, but in order to translate that into an efficient protection strategy your IAM solution must be set up to automatically process and act on the data it receives. A good tool is able to protect the endpoint, step up authentication and enforce strict assurance levels through Multi-Factor Authentication (MFA), limit access through Role-Based Access Control (RBAC), log malicious activity, and notify the right admins and users. And all of this happens seamlessly and “automatically.”
The right IAM tool is able to then “orchestrate” or collaborate with other key IT tools so that the entire workflow is automated and can run smoothly without putting additional strain on IT departments.
Adapting to Risk
An automated IAM system must be able to assess and adjust to risks, which means it should be able to log the incident, notify relevant stakeholders, step up access security for critical resources, and provide sufficient audit trails for admins to investigate. More advanced models may be able to instantly integrate responses with existing workflows to enact control decisions and actions.
The year ahead will bring an accelerated evolution in the IAM solution space, one in which access moves beyond antiquated (and vulnerable) passwords and traditional login points to become an automated, intelligent, and reactive system that learns your identity and habits. Not to sound Orwellian, but AI will get to know you – and that familiarity (backed by efficient data and integrated into secure workflows) will bring us closer to a Zero Trust reality. You are verified at every access point using your own identity and behavior as the “key,” secure within a system that is smart, adaptable, and vigilant. The future is now…
Learn more in our recent webinar on this topic – Simple Rules for Smart IAM Solutions.
Are you ready to step into the future and embrace “smart” IAM? Check out the Idaptive Next Gen Access Platform to get started on your journey to Zero Trust security nirvana.