KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges.
Unlock the power of industry-leading insights and expertise. Gain access to our extensive knowledge base, vibrant community, and tailored analyst sessions—all designed to keep you at the forefront of identity security.
Get instant access to our complete research library.
Access essential knowledge at your fingertips with KuppingerCole's extensive resources. From in-depth reports to concise one-pagers, leverage our complete security library to inform strategy and drive innovation.
Get instant access to our complete research library.
Gain access to comprehensive resources, personalized analyst consultations, and exclusive events – all designed to enhance your decision-making capabilities and industry connections.
Get instant access to our complete research library.
Gain a true partner to drive transformative initiatives. Access comprehensive resources, tailored expert guidance, and networking opportunities.
Get instant access to our complete research library.
Optimize your decision-making process with the most comprehensive and up-to-date market data available.
Compare solution offerings and follow predefined best practices or adapt them to the individual requirements of your company.
Configure your individual requirements to discover the ideal solution for your business.
Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals.
Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible.
Digital identities of customers, devices and services are at the core of the digital enterprise today. However, traditional IAM is riddled with complexity and siloes. Building a modern Identity and Access Management requires seamless integration and secure access of everyone and everything. This panel explores what the future holds for IAM and provides a blueprint to ensure a modern, secure and flexible identity foundation that breaks down legacy identity siloes.
Digital identities of customers, devices and services are at the core of the digital enterprise today. However, traditional IAM is riddled with complexity and siloes. Building a modern Identity and Access Management requires seamless integration and secure access of everyone and everything. This panel explores what the future holds for IAM and provides a blueprint to ensure a modern, secure and flexible identity foundation that breaks down legacy identity siloes.
For those, we haven't had the chance to watch your session before maybe we really started with a quick introduction, Leonardo, feel free for the first introduction. Yeah. Thank you.
Thank you, Christopher. Yes, indeed. Leonardo Morales is my name employee from Simmonds in Germany presenting just one minutes ago. The IM how important is it's key all on the zero trust strategy, and we will have a further look on what IMS will bring for the future. Perfect.
Paul, a few words about you. Hi. Yeah. I'm Paul Fisher lead Analyst with Kuppinger. I spoke at the start with a general run through, on some of the options for using a manage service provider for access management and that's seed to kick off a discussion about the value of AI in am. So that was interesting. Yeah. So let's start, maybe not within AI discussion, maybe that's something you can do in your open table round. I will join then two, because it's a fantastic topic. What is real AI and whatnot? Let's start about the first one.
How much longer will password still be a focus for identity and access management? Will there always be a place for them in some environments? And I'm happy to ask this question to Leonardo because we had this from the audience. Okay. Okay. I think it's a matter of time and also we're moving forward case by case.
I see, I do see that password will be replaced for end user use cases in a very short time. We can think of in, in, in the course of the next three or five years for user scenarios, we can count on multifactor. Bio is getting rid of password this for the end user use cases, but we also do see and have the enterprise where machines machines communicate or will have non trust legacy devices and not attending those protocols and not, not able, not able to manage a multifactor, our modern authentication.
We will continue dealing with passwords in that sense and thinking also on, on, on the zero trust capabilities that Pam solutions can bring in into that. I think this, this will remain quite some time. We will continue working on modern authentication also for OT and for OT and legacy systems and manufacturers.
It will, it will exist coexist for, for a certain time. Absolutely. Especially for operational technology. That's a big thing, even how you handle it, whether it's an identity as well, responsibilities and all that stuff. But this is an interesting topic, but we'll break our panel for today.
Paul, your thoughts about the future of passwords in identity and access management? Well, passwords have been with us for a long, long time, and people have been talking about the end of passwords for a long time as well. But I think Leonardo is, is correct to say that it depends on the application. So I think we are moving towards certain parts of identity access management, where we'll, we'll be able to get rid of passwords. But I think in more general areas, for example, where we in talk about end users or customers, consumers, it's very hard to wean them off passwords.
There, there is some kind of high between people think that a username and a password is, is a secure way of logging into something. The, the problem is I think that, yeah, even the alternatives pass was yet are not perfect.
You know, so we talk about biometrics or facial recognition or pass fingerprinting, et cetera, but don't quite often add an extra friction to the authentication process rather than reduce it. And they don't always work either.
So I think from a, from a, a user perspective from, from the end point or say that the, the human user sitting in front of an application may well still use the process of a username and a password, but we may well be able to then behind scenes actually not use a physical password to give access, we can then move, convert it somehow to a certificate or some kind of encryption, or even some variation of a blockchain, or yeah.
What do we, a non fungible object, you know, there is research going around those areas that would, I think, have more potentially getting rid of passwords completely and, and throughout the whole authentication process.
But I, I, I do think that we'll still be using passwords in 10 years, for example, and probably longer, but I think we are finally seeing progress in privileged access management is an area that I spend a lot of time looking at that we are gradually moving towards the end, perhaps of password vaulting and password rotation and into something a bit more sophisticated and ephemeral and just in time. Absolutely.
And I, I mean, even as a, or as a normal customer, you see usually multiple ways of password, less, whether it's sending you an email with an authentication link and you don't have to enter credentials. That's the easy example, but it depends a little bit on, on the ity here, because if your mail mail account is breached, the password is exposed somewhere and someone gets accessed and he can access everything just by clicking on those links and requesting access. So risk management is again, very interesting topic and the, the NFT or using NFTs for authentication, I'm really looking forward.
What will happen in that area, whether you can use your 50 $500,000 or assume ape for accessing something because you are the owner, that's also very future stuff, but it could be that we use something like that. Next question would be how far can conventional privileged access management support the continued drive towards just in time access to dynamic resources and the new cm products coming to the market. Maybe we start with Leonardo, Yeah. Is absolutely mass in our zero trust strategy.
We, we account on identity verification, identity proving. We are convinced that we can manage the access of an identity and how trustful an identity is providing, granting them access. But we see, especially for, for the administrative operations, for OT, we need in accounting, very strong on, on time solutions, especially when we deal with shared accounts that no one's own is, is not subjected linked to the one single identity.
And when there is not only about that, who has access to what is about who has done, what, who has modified things who got recorded by changing things in behind the scenes. And this is the, the, the most important part for me, not only that the time is managing the credentials for the access is also getting the control of what has been done on, on, on the operational side activities, recording video recording.
And this, this will remain. This is for us, is so, so important to maintain, especially for shared accounts, which, which we use for functional services for, for functions, identities, and services, Paul, your thoughts about, Yeah, I kind of touched on it in my earlier answer. Suddenly.
I think the Pam vendors are realizing that in the dynamic environments that we're talking about, and we talk about dream cetera, dynamic resource attachment, access management, that the traditional password vault, the password rotation, the checking in and checking out of passwords is not agile or fast enough for the type of work that's now typically being done in the cloud, particularly among developers, DevOps, those sort of people.
And it would seem that we are moving towards a, just in time paradigm or just in time culture of giving people privilege access for a limited time and exactly when they wanted and, and then switched off. And we can also this, which is kind of like contradict what just in time is, but some you can actually now have just in time on a regular basis. So if you need access every afternoon at 2:00 PM to a certain resource, then that can be set up.
So, which brings in the convenience side of it. But I definitely think that time is kind of splitting into two camps now, which, and, and many vendors have their feet in both camps. So they are, are serving the just in time market and the ephemeral access, et cetera. But they're also keeping password vaults password rotation simply because many customers actually prefer that they, they actually like having passwords in a vault and they feel it's easier to manage.
It's, you know, it's, it's encrypted, it's secure. So I think we might see, so Pam for perhaps less dynamic environment. So the more traditional parts of Pam where an admin will, you know, do updates on endpoint, et cetera. And then we'll see for just in time merging a little bit overlapping with cm. And then that becomes part of dynamic resource access management area. That there's definitely quite a lot happening in the pan market with different vendors, new entrants, new people, sort of serving, you know, specific markets rather than trying to be hand for everything.
Some vendors are not bothering it, for example, endpoint privilege management, because they don't want to have agents and they don't want to then have their customers have to support those agents, et cetera. So it's, it's kind of a market which is covering all the bases, but at the same time separating, you need to slightly specialized areas. Absolutely.
Our next question, we already discussed a little bit when talking about NFTs and password, less email communication, but maybe it's worse to dive a little bit deeper and what can companies do to improve the authentication experience for customers? So it improves security, but also convince for, for them maybe louder again. Yeah.
I see, personally, as I went with situation, I see it allows a user to get rid of, of passwords and long passwords. And the complexity of passwords has, has increased also for, for different accesses.
And we, with counting on one side on the one hand side was seeing the side on multifactor authentication, but is quite convenient for the user. And it is, is it has it it's complexity because of the strategy for the identity enabling of multifactor application enabled application security level. So to take the, the right decision based on the trusted identity.
And, but this will, it's required for people who is, is, is not, is not going with the times of, of modern authentication and for companies where have to roll out all the mobile devices where people can use via keys or mobile phones or authentication apps to get authenticated that generate costs, especially for us in our manufacturers, we accelerate the access to our environments and to people to get, to improve their skills and get more knowledge from the, from the 365 universe.
And that forced us to bring in more devices, modern authentication spend is, is an investment for, for the company itself. But on, on the one hand side, the user would get some benefits from that, with, with part of that utilization move and accelerate the business continuity.
This is, is a mix, but it's the right way, Paul, but yeah, Well, Christopher, I guess you, you, you are talking about customers as in all of us consumers, Consumer. Yeah.
So I, I think let's talk about McDonald's again, once upon a time you went into a McDonald's restaurant and you had to stand in a queue impatiently waiting to make your order, and then you had to wait again for it to be made. And then you got annoyed because people pushed in front of you, et cetera. And then recently, or a few years ago, McDonald's introduced those kiosks so that you order your own meal and you pay there.
And then, and it kind of is, is suddenly it's a stress for experience. And I think I was at a conference just a few weeks ago, and we were talking all about the customer experience and we need to somehow replicate the real world experience of, of buying stuff or logging or going to a, a bank site or something else at the moment requires username password.
We need to make it as seamless and friction free as possible because that's easier said than done, which is why we still have, you know, username and passwords for various sites and why we all have different accounts for lots of different organizations online. And I think, again, I can this idea that there is some interesting work being done with, you know, digital identity in that we as individuals, you know, build up a certain footprint of what we do online and what we buy and what we visit and stuff. And the concept is that we can, that becomes a unique identity.
The problem with that is I think that it's not in the control of the consumer. It's almost, to be honest to me, it's like another way of using what should be private as a way of authenticating, but there could be some mileage in creating some kind of digital identity that is controlled by the user that they perhaps decide what digital information is gonna be attached to. That kind of, I don't know, like a snowflake, maybe that's the best way to describe it, sort of thing that it would end up being. And that's where you come into the idea of an NFT.
So you would have your own unique non fungible identity, which you can then use from one site to the other, which would then get away, would do away with passwords and usernames altogether. Of course, it's early, early days, this, this identity could potentially still be stolen.
So if, if your unique identity was, was stolen and they would access to everything even worse than losing just one username password for one site. So there has to be ways of encrypting that and making it completely non fungible and also cannot be altered or moved without the owner knowing. So that's bit of future gazing, but I, I think the breakthrough will probably come in consumer space of improving identity and access management, which then may then go into the commercial world.
Yeah, perfect. Already. We almost achieved the end of this panel discussion, but it's time for the actually Christopher, just before we go.
No, I have one more question. Oh, you do?
Oh, I Thought you had, but then you, can, you joke whatever it is. Oh, last question, please take care of the time. I think one, one to two minutes is, okay, what will identity and access management look like in 10 years from now? Will we have secure identity, decentralized and federated across private and public network? And is that the future we want Leonardo, I do strong believe that we will, we will have decentralized entities used for the in and use our consumers.
And as, as far as we see that, how accelerate it world, that one big cut of, of it represents 100 year human being is, is, is moving so fast that I, for the end user consumers in the commercial markets, I think that is, that will come in the future and finally ends up with the kind of decentralized identity. And for enterprise is something that will, will take some would take longer. Perfect.
I, I think, yeah, I think we'll get there, but I think we have to ensure that the consumer, the individual has agency over whatever we come up with. So it's not organizations or big companies that are controlling identity, but is it the individual? And that can be true of commercial organizations as much as the consumer interfacing with, with enterprises.
So, yeah, I think we'll, I think we'll still some real progress on, on that the next 10 years. Absolutely. And you wanted to state something, But no, I just, I wanted to ask Leonardo what the car was in on the picture behind him.
Is it, This is Nissan. It's a Nissan's hundred 50, right?
That was, was I expected 370, ah, Three 70. Next One. That is exactly in Sanford and the race track. Cool. One in Holland. Okay. Thank you very much, Leonardo. Thank you very much, Paul. You're welcome. Great panel. Great input. Thank you very much and have a good day. Yeah. Thank you. Thank you.
