The Future of Digital IAM


This slide deck covers trends we’re forecasting in the IAM space, measures you need to take to keep your business safe, what defines the success of an IAM system, and why open source IAM should be worthy of your consideration.

Watch the on-demand webinar here -

Published in: Technology

  1. The Future of Digital IAM
     Prabath Siriwardena, VP, Security Architecture, WSO2
  2. About Me
     ● 12 years at WSO2, leading the development of open source WSO2 Identity Server, which serves more than 75 million identities globally and handles more than 1 million authentication requests on a daily basis
     ● Identity Evangelist and Author
       ○ Microservices Security in Action (2019, Manning)
       ○ Advanced API Security 2nd Edition (2019, Apress)
       ○ Microservices for the Enterprise (2018, Apress)
       ○ Advanced API Security (2014, Apress)
       ○ 3 More…
  3. About WSO2
     ● #1 Open Source Integration Vendor
     ● 6th Largest Apache Committer
     ● 6th Largest Open Source Vendor Overall
  4. ● $37m in 2018 subscriptions, 53% YoY growth
     ● 500+ customers, 175 new in 2018
     ● Open source; founded 2005, backed by Cisco and Toba Capital
     ● Colombo, New York, London, Mountain View, São Paulo, Sydney
     ● 550+ employees (300 engineers)
  5. “Application infrastructure and middleware projects are becoming the cornerstone of the digital business.”
     #1 Open Source / Open Core Application Integration Suite Vendor
  6. “...the only fully open source solution in our Wave analysis, WSO2 provides good breadth across all evaluation criteria.”
     Leader in Forrester Wave: API Management Solutions, Q4 2018
  7. ● Leader in KuppingerCole Leadership Compass for Access Management & Federation, Q4 2018
     ● Leader in KuppingerCole Leadership Compass for CIAM, Q4 2018
  8. Flagship Customers
     Over 500 applied integration uses across every industry and every geography: Financial, Healthcare, Governments, Education, Telecom, Retail, Technology, Transport
  9. Standards Become Foundational ~ Not a Luxury
     ● No IAM vendor gets a competitive advantage by just supporting standards
     ● 92% of the 8B+ authentication requests Azure AD handled in May 2018 were from OpenID Connect enabled applications
     ● 90% of the customers we worked with in 2018 preferred OpenID Connect over SAML
     ● Move from homegrown IAM systems to standards-based IAM
     ● OAuth 2.0 is the de facto standard for securing APIs - PSD2, Open Banking, FAPI
     ● JWT is winning in securing microservices - to propagate user context between microservices
     ● FIDO 2.0 is becoming the de facto standard for MFA
     ● UMA moving to IETF - WSO2 Identity Server 5.7.0 supports UMA 2.0
  10. MFA Becomes a Necessity! Adaptive/Continuous Authentication to Follow
     ● MFA could reduce account compromise by 99.99%
     ● Usability is the key! 90% of Google users have NOT enabled 2FA
     ● Continuous and adaptive authentication are the next phase of MFA
     ● Regulatory standards are starting to mandate the use of strong authentication, e.g., SCA under PSD2
     ● WSO2 Identity Server 5.7.0 supports adaptive authentication
     “By 2022, 60% of large and global enterprises, and 90% of midsize enterprises (MSEs), will implement passwordless methods in more than 50% of use cases, which is an increase from fewer than 5% today” ~ Gartner
     “By 2023, vendors that cannot leverage machine learning capabilities for user authentication will lose more than 50% market share among large and global enterprises engaging in digital business” ~ Gartner
  11. Every IAM Project is also an Integration Project
     ● Enterprises go beyond Access Management and look for end-to-end IAM solutions that integrate with Access Management, IGA, PIM, SIEM, and Identity Intelligence solutions
     ● System Integrators play a key role in deploying end-to-end IAM solutions
     ● We are facing an exploding endpoint problem. In less than 20 years, the world will grow from a billion to more than 1 trillion programmable endpoints.
     ● Integrates with APIs, Microservices, etc.
     ● Open Banking and CIAM solutions
     ● Five pillars of Consumer IAM: APIs and Integration, Scalability, Strong/Adaptive Authentication, Analytics, and Security and Privacy
  12. Regulatory Compliance Makes It Into Every RFI/RFP
     ● The GDPR has driven a global movement of more mature privacy and data protection laws
     ● Privacy-by-design and Privacy-by-default
     ● California Consumer Privacy Act (CCPA), California IoT Privacy Act
     ● PSD2 and Open Banking in the financial domain
     “By 2022, more than 75% of entities that intend to manage commerce or technology engagement — including regions, states and countries worldwide — will have begun to change their privacy regulations to follow the example of the GDPR.” ~ Gartner
  13. IAM in the Cloud Native Space
     ● Microservices deployments are becoming real!
     ● They bring in a whole set of new security challenges
     ● How to pass user context between microservices and how to do service-to-service authentication and authorization?
     ● Zero Trust Network
     ● Istio, SPIFFE, OPA, etc.
  14. Homegrown IAM Failing to Keep Up with the Pace of Innovation
     ● Many organizations are still using homegrown IAM systems that are end of life. Organizations should not be writing their own IAM software from scratch. Many COTS, open-source, and IDaaS options can be extended at the API level to meet organization-specific needs.
     ● Homegrown IAM solutions fail to keep up with the innovation happening in the standards and regulatory domains.
     ● Organizations will look for IAM solutions that can bridge legacy systems with standards-based ones for smoother migration
  15. Decentralized Identity Makes Promising Progress
     ● Emerging standards: DID, Zero-knowledge protocols, Decentralized PKI, and Decentralized key management
     ● Organizations: DIF, Sovrin Foundation, Hyperledger Indy (Linux Foundation), and W3C