Most businesses are not handling identity and access management (IAM) in the right way, according to Gartner.
Somewhere between half and two-thirds of organisations are trying to set up an effective IAM project but are doing it wrong, said Earl Perkins, research vice president at Gartner.
"IAM process requirements should always precede organization and technology decisions," Perkins explained.
"But currently, most IAM planning is done around clusters of technologies, rather than by addressing specific IT or business processes."
Often, businesses start thinking about IAM from the wrong direction or with people involved who shouldn't be, the analyst said.
"IAM should not be planned with operations in mind; rather, it should be based on the foundations of the organisation relative to policies, processes and people," Perkins added.
"Products are actually a relatively small focus of the decision process in an IAM programme."
IAM should be viewed as a process and should not be product-orientated something the market has imposed on IAM, Gartner claimed.
"Instead of looking at IAM as a set of products to be purchased to fill technology gaps in an organisation, viewing IAM as a process attempts to identify where people and IAM technology can be most effectively inserted' to fulfill the practices and policies of the organisation," Perkins added.
"It also contributes in a significant way to how enterprise, and security, architecture is enriched with the addition of IAM-specific architecture."
Recent password thefts, such as the one involving Gawker, may have inspired organisations to tighten up their access management.
-
Cleo attack victim list grows as Hertz confirms customer data stolenNews Hertz has confirmed it suffered a data breach as a result of the Cleo zero-day vulnerability in late 2024, with the car rental giant warning that customer data was stolen.
-
Lateral moves in tech: Why leaders should support employee mobilityIn-depth Encouraging staff to switch roles can have long-term benefits for skills in the tech sector
-
CISO job satisfaction is plummeting, and some are considering quitting altogetherNews CISO job satisfaction is being plagued by mounting demands, poor c-suite collaboration, and stressful working patterns
-
The IT Pro Podcast: Navigating Brexit data transfersIT Pro Podcast The transition period is over – what happens now?
-
Cyber security spending will hit $96bn in 2018News Regulatory changes such as the introduction of GDPR will cause businesses to up investment
-
Privacy audits must become regular part of corporate life, warns GartnerNews Gartner wants to see more firms tighten up their privacy compliance procedures.
-
Dell needs to reassure customers after going privateNews Gartner tells Dell users to ignore rivals' fighting talk.
-
Gartner: Worldwide UTM revenues top $1bnNews Analyst hails firewall refresh cycles and growing interest from SMB and mid-sized firms for market growth.
-
Big data and BYOD will challenge firms in 2012News Analyst firm Gartner has outlined the challenges it believes organisations will face in the year ahead.
-
Security services vendors in line for big bucksNews Global spending on security services is predicted to reach $35.1 billion in 2011.
