This slide deck covers trends we’re forecasting in the IAM space, measures you need to take to keep your business safe, what defines the success of an IAM system, and why open source IAM is worthy of your consideration.
Watch the on-demand webinar here - https://wso2.com/library/webinars/2019/02/the-future-of-digital-iam/
The Future of Digital IAM
1. The Future of Digital IAM
VP, Security Architecture, WSO2
Prabath Siriwardena
2. ● 12 years at WSO2, leading the development of open source WSO2 Identity Server, which
serves more than 75 million identities globally and handles more than 1 million authentication
requests on a daily basis
● Identity Evangelist and Author
○ Microservices Security in Action (2019, Manning)
○ Advanced API Security 2nd Edition (2019, Apress)
○ Microservices for the Enterprise (2018, Apress)
○ Advanced API Security (2014, Apress)
○ 3 More…
About Me
4. $37m in 2018
Subscriptions
53% YoY growth
500+ Customers
175 New in 2018
Open
Source
Founded 2005,
Backed by
Cisco and Toba
Capital
Colombo, New
York, London,
Mountain View,
São Paulo,
Sydney
550+
Employees
(300 Engineers)
5. “Application infrastructure and
middleware projects are becoming the
cornerstone of the digital business.”
#1 Open Source /
Open Core Application Integration Suite Vendor
6. “...the only fully open source solution in
our Wave analysis, WSO2 provides good
breadth across all evaluation criteria.”
Leader in Forrester
Wave: API Management
Solutions, Q4 2018
7. Leader in KuppingerCole
Leadership Compass for
Access Management &
Federation, Q4 2018
Leader in
KuppingerCole
Leadership Compass
for CIAM, Q4 2018
8. FLAGSHIP CUSTOMERS
Over 500 applied integration uses across every industry and every geography
Financial Healthcare Governments Education Telecom Retail Technology Transport
9. ● No IAM vendor gets competitive advantage by just supporting standards
● 92% of the 8B+ authentication requests Azure AD handled in May 2018 were from
OpenID Connect enabled applications
● 90% of the customers we worked with in 2018 preferred OpenID Connect over SAML
● Move from homegrown IAM systems to standard-based IAM
● OAuth 2.0 is the de facto standard for securing APIs - PSD2, Open Banking, FAPI
● JWT winning in securing microservices - to propagate user context between
microservices
● FIDO 2.0 is becoming the de facto standard for MFA
● UMA moving to IETF - WSO2 Identity Server 5.7.0 supports UMA 2.0
Standards Become Foundational ~ Not a
Luxury
10. ● MFA could reduce account compromise by 99.99%
● Usability is the key! 90% of Google users have NOT enabled 2FA
● Continuous and adaptive authentication are the next phase of MFA
● Regulatory standards are starting to mandate the use of strong authentication, e.g.,
SCA under PSD2
● WSO2 Identity Server 5.7.0 supports adaptive authentication
MFA Becomes a Necessity!
Adaptive/Continuous Authentication to Follow
By 2022, 60% of large and global enterprises, and 90% of midsize enterprises (MSEs), will
implement passwordless methods in more than 50% of use cases, which is an increase
from fewer than 5% today ~ Gartner
By 2023, vendors that cannot leverage machine learning capabilities for user authentication
will lose more than 50% market share among large and global enterprises engaging in
digital business ~ Gartner
11. ● Enterprises go beyond Access Management and look for end-to-end IAM solutions
that integrate with Access Management, IGA, PIM, SIEM, and Identity Intelligence
solutions
● System Integrators play a key role in deploying end-to-end IAM solutions
● We are facing an exploding endpoint problem. In less than 20 years, the world will
grow from a billion to more than 1 trillion programmable endpoints.
● Integrates with APIs, Microservices, etc.
● Open Banking and CIAM solutions
● Five pillars of Consumer IAM: APIs and Integration, Scalability, Strong/Adaptive
Authentication, Analytics, and Security and Privacy
Every IAM Project is also an Integration
Project
12. ● The GDPR has driven a global movement of more mature privacy and data protection
laws
● Privacy-by-design and Privacy-by-default
● California Consumer Privacy Act (CCPA), California IoT Privacy Act
● PSD2 and Open Banking in the financial domain
Regulatory Compliance Makes It Into Every
RFI/RFP
By 2022, more than 75% of entities that intend to manage commerce or
technology engagement — including regions, states and countries worldwide —
will have begun to change their privacy regulations to follow the example of the
GDPR. ~ Gartner
13. ● Microservices deployments are becoming real!
● Brings in a whole set of new security challenges
● How to pass user context between microservices and how to do service-to-service
authentication and authorization?
● Zero Trust Network
● Istio, SPIFFE, OPA, etc.
IAM in the Cloud Native Space
14. ● Many organizations are still using homegrown IAM systems that are end of life.
Organizations should not be writing their own IAM software from scratch. Many
COTS, open-source, and IDaaS options can be extended at the API level to meet
organization-specific needs.
● Homegrown IAM solutions fail to keep up with the innovation happening in the
standards and regulatory domains.
● Organizations will look for IAM solutions that can bridge legacy systems with
standards-based ones for smoother migration
Homegrown IAM Failing to Keep Up with
the Pace of Innovation
15. Decentralized Identity Makes Promising
Progress
● Emerging standards: DID, Zero-knowledge protocols, Decentralized PKI, and
Decentralized key management
● Organizations: DIF, Sovrin Foundation, Hyperledger Indy (Linux Foundation), and W3C