In the digital era, being able to manage and control access to services, data and other resources by employees, partners, customers, and devices (things) is extremely important, and a key element of that is identity. Having a comprehensive Identity and Access Management (IAM) capability, therefore, is essential for any modern business.
In fact, the management of identities and permissions in digital transformation is the key to security, privacy, compliance, governance, and audit, as well as system usability and user satisfaction. Traditional IAM systems meet only a fraction of current requirements, and therefore a new, modern approach is necessary.
At KuppingerCole, we believe that the best approach to enabling a comprehensive, IAM capability for the digital era is to build it on a modern, modular architecture that supports an integrated set of Identity Services that deliver the capabilities required for providing seamless, controlled, and secure access for everyone and everything from anywhere to every service.
Because this model of IAM involves the combination of multiple isolated but corresponding elements that are “woven” into an integrated, seamless whole, we use the shorthand term of “Identity Fabrics” when talking about this paradigm for architecting IAM within enterprises to deliver the full range of identity services required by an organization.
The Identity Fabrics concept is aimed at enabling access for all, from anywhere to any service, while integrating advanced features such as support for adaptive authentication, auditing capabilities, comprehensive federation of services, and dynamic authorization.
Most organizations using the Identity Fabric paradigm tend to build on a strong core platform for delivering major features and complementing this with other solutions. These core platforms typically deliver a broad range of IAM capabilities, including a good level in both Identity Governance and Administration, and Access Management by providing a comprehensive set of APIs for consuming these services.
Core platforms that support the Identity Fabric paradigm should deliver these capabilities in a modern architecture, using microservices architectures and container-based deployments. They should also support different deployment models and all types of identities, including employees, partners, customers, devices, and services.
In building an IAM capability that is fit for doing business in the digital era, enterprises need to deploy solutions that not only deliver functionality and support for all types of identities, but also meet the requirements of the Identity Fabric paradigm regarding the architecture, deployment model, and interoperability with traditional applications, cloud services, and new digital services.
The market for Identity Fabrics is evolving quickly. The number of vendors has grown significantly, as well as the maturity of solutions. However, the market is still not at the level of maturity as IGA or Access Management, for example. Positively, we observe significant innovation happening in this market segment.
— Martin Kuppinger, Principal Analyst, KuppingerCole Analysts.
Because we understand the importance of comprehensive IAM solutions built on a modern, modular architecture, and because we are committed to helping your business succeed, KuppingerCole has a great deal of content available in a variety of formats.
Research
For a detailed explanation of the Identity Fabric concept, a strategic approach to moving towards an Identity Fabric, and an overview of the market for Identity Fabrics that will help find the solution that best meets your needs, have a look at the newly-published Leadership Compass on Identity Fabrics.
Explore the latest thinking in and technological approaches to access control in the following leadership briefs:
- Access Control Solutions for SAP and other Business Applications
- Identity as a Service (IDaaS) IGA
- Privileged Access Management
- Identity Governance & Administration
- Access Management
A general explanation of the Identity Fabric concept can be found in Chapter 5 of this Insight entitled: The Definitive Guide to Identity & Access Management, while another overview of the topic can be found in this Leadership Brief entitled: Identity Fabrics - Connecting Anyone to Every Service.
The following Leadership Briefs explore the concept further, looking at Leveraging Identity Fabrics on Your Way Towards Cloud Based IAM and in the context of Managing Non-Human Identities.
Audio/video
If you would prefer to hear what our analysts and other industry expert had to say about Identity Fabrics and enterprise identity at the recent KuppingerCole 2022 European Identity and Cloud conference in Berlin, have a look at this presentation on how IAM will evolve over the years to come and which role decentralized technologies will play: IAM 2025: Integrated, Agile, Flexible. Decentralized?
Additionally, look at the following list of EIC 2022 presentations and choose those that are most relevant to your organization:
- Dealing with Multi-Cloud, Multi-Hybrid, Multi-Identity: Recommendations from the Field
- IAM-Suites for Medium-Sized/Mid-market Organizations
- Siemens AG: Real-World Enterprise IAM at Scale
For a discussion on where Identity Fabrics stand today, how they are implemented in practice, and what to consider, have a look at this panel entitled: Identity Fabrics: The Mesh and the Factory for Identity Services and for further perspectives of the potential of this paradigm, have a look at the panel entitled: Deliver on the Promise of an Identity Fabric: The Power of Data.
To find out what new realities are driving the evolution of Identity and Access Management (IAM) and how organizations use IAM as a key pillar in the architecture for Zero Trust, have a look at this presentation from last year’s EIC entitled: The Dawn of Digital IAM.
The topic of Identity Fabrics is explored further in the KC Live panel discussion on Tackling the Legacy IAM - Towards Future- Proof Identity Fabric and these presentations entitled: The Road to CIAM Success: Why an Identity Fabric Powers Digital Transformation, Identity Fabrics - Delivering IAM for the Digital Business, and CIAM and the KuppingerCole Identity Fabric.
Blogs
Our analysts have written various blog posts on the topics related to the concept of Identity Fabrics. Have a look at the following list and chose the topics that are most relevant:
- Identity Fabrics: Developing your IAM Program from Vision to Strategy
- Managing Access and Entitlements in Multi-Cloud Multi-Hybrid IT
- The Road To CIAM Success – Why an Identity Fabric Powers Digital Transformation
- API Platforms as the Secure Front Door to Your Identity Fabric
Webinars
The concept of Identity Fabrics has also been referenced in some webinars. Have a look at the following webinars and choose the topics of greatest interest:
- Delivering on the Promise of an Identity Fabric in a Modern Enterprise
- How Security and Identity Fabrics Work to Help Improve Security
- Identity Fabrics for True Digital Transformation Dec
Whitepapers
Several Whitepapers reference KuppingerCole’s Identity Fabric concept, including this Whitepaper that looks at how to plan for IAM modernization, the alternative paths, and the role IGA to ITSM integration plays in IAM modernization, entitled: A different way to IGA: Leveraging the ServiceNow infrastructure.
The Whitepaper on Modular Decentralized Identity Architecture looks at how an Identity Fabric provides the agility and the integration support for what organizations already have, while allowing them to move away from legacy systems at their own speed.
For an in-depth discussion on how Identity Fabrics help in architecting Identity Management for digital business, have a look at this Whitepaper on Identity for the Business: Identity Fabrics supporting the Digital Transformation and this related Whitepaper entitled: Modern Identity Fabrics: A Cornerstone of your Digital Strategy.
Tech Investment
Organizations investing in technologies to enable comprehensive IAM solutions, can have a look at some of the related technology solutions that we have evaluated: