Work is still to be done to see widespread comprehensive IAM in place. In a survey run by KuppingerCole Analysts, participants reported the status of their IAM blueprint.
Recent Survey Results
While 40% of participants reported that they do have a comprehensive IAM blueprint in place, a large portion of participants are currently putting it in place or do not have one. 26.8% are in progress with implementing a future-ready IAM blueprint without indication of where they are in the process, and 33.1% do not have one in place.
Figure 1: Companies that have a comprehensive IAM blueprint in place; KuppingerCole Survey, August 2024, sample size 447
The Identity Fabric models a comprehensive IAM implementation
A comprehensive, future-ready IAM blueprint should follow the Identity Fabrics paradigm. An “Identity Fabric” refers to a logical infrastructure for enterprise IAM, conceived to enable access for all, from anywhere to any service while integrating advanced features.
The demands on a future-ready IAM are complex, diverse, and sometimes even conflicting. These include:
- Different types of identities must be integrated quickly and securely in user-friendly flows.
- B2B onboarding and IAM must be facilitated in the challenging context of supply chain security.
- Employees (internal and external) should be able to use the devices they prefer.
- Secure access to working environments must be possible no matter where users and systems are located.
- Identities must be linked to reflect relationships within teams, companies, families, or partner organizations.
- Zero Trust features, such as continuously verifying access, must be included.
- Identities maintained in trusted organizations should be directly and reliably integrated and authorized in our IAM.
- Identities should be able to do business and execute payments.
- All relevant laws and regulations must be observed.
- Existing data on identities and entitlements should be applicable for analytics and artificial intelligence.
- All this must apply to all possible identities, beyond people, so that devices, services and networks are integrated into our next generation IAM infrastructure.
Figure 2: KuppingerCole Identity Fabric
The Identity Fabric shows the identities on the far left, the services on the far right, with capabilities required, services needed, and tools to leverage in the center. A more extensive description can be found in the 2024 Leadership Compass on Identity Fabric providers.
Today’s IAM systems meet, if at all, only a fraction of current requirements. And while organizations are moving towards more future-proof blueprints like those based off of the Identity Fabric, the current survey results suggest that there is still work to be done.
Why invest in a comprehensive IAM implementation?
There are various good reasons for organizations to invest in such a comprehensive blueprint and implement their own Identity Fabric. One is overlapping capabilities between many areas of IAM. Identity Fabrics help streamline investments and avoid unnecessary redundancies. Another is moving to a modern architecture. Identity Fabrics define such modern, future-proof architecture, including segregation of customization and orchestration of services. Another one is uniting the teams. It’s one IAM by one team, not many disparate, siloed efforts. One more to mention: Prioritization. Identity Fabrics help in prioritizing investments and analyzing the gaps.