In the last decade, we have seen rapid change in technology usage. New technologies brought to the market shifted how we engage with and use technologies amid a global shift toward digitalization. Digitalization aims to bring rapid and instant gratification to stakeholders, from corporate employers to consumers, and with this, identity has become a key and central player for proffered services.
Services can be consumed on the go, in the moment and from anywhere focused on a targeted demographic, utilizing increasingly connected devices and cloud-based applications. These, in turn, bring inherent risk to people, things and systems outside that traditional security perimeter of yesteryear.
History of Identity and Access Management
Identity and access management (IAM) goes back to the 1960s when IBM developed the Resource Access Control Facility (RACF) for their mainframe systems.
The intent behind RACF was to provide a centralized authentication and access control mechanism for mainframe resources. RACF would allow administrators to manage user accounts and control access to different resources based on defined policies and included features such as password management, user authentication and auditing.
As technology progressed, we saw the rise of distributed computing and networking in the 1980s. Distributed computing, in turn, led to a need for IAM systems that could manage identities and access across multiple systems and platforms, resulting in the development of Lightweight Directory Access Protocol (LDAP) and other directory services.
Identity as the New Security Perimeter
Organizations, as we know, are continually developing and adopting new digital technologies to meet business objectives and customer satisfaction metrics. This, coupled with the rise in working remotely or in a hybrid model, is contributing to the traditional security perimeter as we know it becoming less effective.
Traditional perimeter-based security models, as we know, are the physical and logical boundaries that protect an organization’s IT infrastructure and rely on security within physical locations and network boundaries. These models served as a foundation for enterprise security for many years until the advent and adoption of cloud services, mobile devices and remote work, as we experienced in volumes over the pandemic.
You can read the full article here.