The math is pretty simple: increase the number of devices, apps and data and you have more challenges and less security. Between smartphones, tablets, notebooks, desktops, etc., users are increasingly dealing with multiple devices and struggling with identity and access management in an anytime, anywhere, and any device world.
According to a report from Marketsandmarkets, the IAM market will grow from $5.13 billion in 2013 to $10.39 billion in 2018. The major force driving it is the lowering proportion of services required for implementation of an IAM project (via- cloud IAM) as it was too heavy for small and medium-sized enterprises to afford traditional cost structure. SMEs will start investing in IAM projects in coming years, as traditional cost structure is slowly getting replaced by attractive pricing offers such as monthly subscription, usage-based pricing, etc.
Marketsandmarkets believes that the need to connect and manage complex structure of federated digital identities which includes integration, interoperability, and compatibility issues will always remain one among the key challenges for both enterprises as well as existing IAM vendors. “We’re trying to figure out how we can help end users be productive and have access as well as enable it to have control,” said Corey Williams, Senior Director, Product Management, Centrify Corporation, one of those IAM vendors,
In November the company released what it called the industry’s first Identity-as-a-Service (IDaaS) solution to provide both Active Directory- and/or cloud-based Single Sign-on (SSO), access management, application management and mobile management across any cloud, mobile or on-premise application. The Centrify User Suite, SaaS Edition, enables organizations to eliminate password sprawl for their users and gain centralized control over access to SaaS apps and mobile devices in the workplace, said the Sunnyvale, CA-based company, which was founded in 2004 and has an installed base of more than 5,000 customers, including 50% of the Fortune 50 and boasts a 97% retention rate.
Forrester Research called the new Centrify cloud SSO portal similar to the competition: Okta, OneLogin, Ping, Symplified, SecureAuth, i.e. the ones that we looked at in our Cloud IAM Wave. “What’s really interesting about this offering is that Samsung KNOX OEMs the client side mobile application for SSO for its high-end devices,” noted analyst Andras Cser. “Forrester predicts that Apple (with its consumer fingerprint reader already making inroads into authentication) and others (Windows Phone, etc.) will follow suit and offer cloud based IAM and SSO services.”
According to Gartner, combining privilege management and application control can help to reduce expenditure on IT operations labor by over 25%. The research company’s 2013 desktop total cost of ownership study also concluded that a ‘locked and well managed’ environment with respect to user privilege results in TCO savings of almost 30% – $1,264 per desktop per year – against a ‘moderately managed’ environment.
Williams believes much of that security, at least from a password perspective, is at best illusory. “End users have way too many passwords [and are ] probably using the same password for most of them. It’s really a false sense of security that password provides… with all the breeches.”
Put this in the context of mobile and user experience and we may have some of the weakest security IT has ever had, he said. “We’re losing control [and are] faced with users managing their own passwords.”
The key to solving the password problem is by solving the mobile problem, said Williams. By securing devices, enrolling them so policies can be applied, you can have devices trusted in the enterprise.
That’s not a new concept, he added, but something that was done 10-15 years ago with Windows Active Directory. You don’t want to frustrate users by adding a bunch of hurdles to jump over, but at the same time you want to protect the organization, said Williams.
Under The Hood
With list pricing of $4/user/month, and unlimited apps and full mobile security management, Centrify User Suite, SaaS Edition, features:
-Identity Where you Need It: in addition to Active Directory integration for SaaS and mobile management, it now supports cloud-only deployments for non-Active Directory users, as well as a hybrid Active Directory and cloud deployment for external users;
-Industry’s Deepest Mobile Capabilities: built-in multifactor authentication with Centrify Authenticator soft token, one time passcode (OTP) via text/email, and interactive phone calls, to its fully integrated mobile device, container, app and authentication management functionalities; and,
-Global Enterprise Support: 24×7 global support and regional separation so customers can deploy and keep their data in a preferred region.