Skip to main content
close search
site logo
Dive Brief

Half of companies lack security to support cloud-based IAM: report

Published April 1, 2021
Katie Malone's headshot
Associate Editor
Illustration of locks layered above circuity.
Traitov/iStock/Getty via Getty Images

First published on

CIO Dive

Dive Brief:

  • Two-thirds of IT executives say process issues are preventing them from moving identity and access management (IAM) systems to the cloud, according to a survey by Forrester commissioned by ForgeRock. The IAM systems struggle to move between cloud and on-premise services, a top process challenge.
  • Of the 313 global IT executives Forrester surveyed, 80% have already adopted, plan to adopt or plan to expand cloud-based IAM efforts in the next two years. But half of the execs lack key security practices and 88% say technology issues, such as limited functionality and scalability, are preventing IAM adoption in the cloud. 
  • A hybrid cloud approach to IAM can provide better employee/customer experience and opportunities for innovation, according to the report. Realizing the benefits, however, requires organizations to overcome security, strategy and technology gaps.

Dive Insight:

IAM systems define user privileges to build security guardrails, and sourcing it in the cloud will provide companies with more access and visibility into who can access what.  

Cloud-based IAM allows IT professionals to manage authorizations from the cloud environment, but sourcing security from a cloud model can be a challenging migration.  

"Organizations are rapidly moving to cloud for cost savings, but they still have many business-critical applications running on-premises," the report said. Managing IAM infrastructure in the cloud and on-prem creates a "disjointed model disjointed model that can raise many security and user experience issues."

Almost all (98%) of IT executives report challenges with IAM sourced from the cloud, including a lack of visibility into IAM systems for a complete security picture and increasing complexity caused by the migration. 

Visibility across the entire IT ecosystem underpins security efforts in the cloud and on-premise. Jim Brennan, chief product officer at BetterCloud, recommended introducing automation to gain visibility across the IT stack in an interview with CIO Dive earlier this month. 

Automating workflows to manage configuration settings or applying automation to offboard user accounts can be applied to the IAM process for additional security guardrails. 

Introducing new policies, processes and procedures to the tech stack also brings new layers of complexity for IT departments and other employees to manage. In an environment full of disparate applications, authorizing and authenticating each user can be a daunting task. 

To account for some complexity and moving parts in the IAM ecosystem, Target reinforced its identity management efforts with a zero-trust philosophy, CIO Dive reported in 2019. The zero-trust approach accounts for job termination, shared accounts, onboarding and inactive use concerns.

IAM efforts remain a popular approach to cybersecurity. Seventy percent of global business executives are planning to increase spending on IAM over the next year, according to a Ping Identity study.

Editors' picks

Company Announcements

View all | Post a press release
DigiCert Unveils 2025 Security Predictions
From DigiCert
November 21, 2024
Nile Adds Industry’s First Campus Zero Trust Delivered As a Service
From Nile
November 21, 2024
Fathom5’s ARIA Technology Joins NSIN Propel Maritime Digital Defense Accelerator
From Fathom5
November 18, 2024
TrustNet Named 2024’s Best Compliance Advisory and Audit Firm at CDM’s Annual Top InfoSec Inno…
From TrustNet
November 06, 2024
Editors' picks
Latest in Strategy
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell