Gartner IAM Summit: Surprises and Trends

Two weeks ago, I attended an annual Gartner Identity and Access Management Summit in Las Vegas. For veteran attendees, the summit presents the possibility to compare it with the previous years—to see what has changed, what new ideas analysts present, what new vendors show up and what vendors did not.

This event did not disappoint. We learned about the importance of paying attention to emerging Internet of Things, customer IAM, converging physical and digital worlds and introduction of digital security as an expansion of current cybersecurity. We also learned about six principles of resilience as the main protection force of digital security, and how important is to pay attention to all of them—especially to the human aspect of the problem. People are one of three main elements of the current digital business diagram, and people-centric approach is one of the six principles of resilience. Gartner analysts talked a lot about the importance of human interactions and communications improvements between business owners, IT people and customers.

Even more, human behavior was in the center of invited speaker presentations: from hacker’s community observations to signs of lying in regular people.

There were surprises in the showcase room too. For the first time, Oracle decided not to have a booth, which shows the change of marketing strategy towards the IAM market: customers will come mostly from other sides of business and there is no need to spend more efforts on just IAM. Another trend was wide representation of customer IAM vendors along with traditional enterprise ones. This shows not only expansion of this market, but also maturity of vendors themselves. Something tells me that one day we will see immersion between customer and enterprise IAM into one solution, which probably brings mergers and acquisitions among vendors.

To summarize my experience at the Gartner IAM Summit, I’d say that the strongest message from the event is the following: traditional enterprise IAM is expanding towards handling different types of identities from people (customers, temps, external identities) to assets (devices, sensors, apps, etc.) and all of us (vendors, consultants, customers) should be ready for this. In my opinion, the human factor will play an even bigger role in the world of digital business and digital security. We can treat assets and people as equal identities, but there is a big difference from a costidity standpoint: assets will not deviate from the policies, but people could.

Published by

Vlad Shapiro

Vlad Shapiro

Vladislav (Vlad) Shapiro, has been working in the the Identity Governance and Administration (IGA) field for 10+ years, during which time he has developed the business advisory concepts of Identity Posture, Fundamental Conflict in IGA and most recently, Costidity™.