PlainID published a report, based on research conducted among IT and security professionals in North America and the UK. Among its headline findings, the report reveals that authorization is the rising priority in identity and access management (IAM), while organizations are also looking to consolidate and standardize access control and authorization.
In contrast to last year, when the top IAM-related cybersecurity priority was strong authentication, the report findings show that IAM priorities are shifting in 2022, with authorization-related initiatives such as run-time access (62%), API access control (51%) and policy-based access control gaining traction (43%). This shift is driven from the top, with C-suite ranking authorization initiatives at the highest levels.
In addition, with the shift to identity-first security and with security perimeters now spread across data, APIs, applications and more, managing access has become highly complex, manual, and distributed across multiple systems. This is driving the need for standardization and scale, which were reported as the top two drivers for authorization solutions, at 25% and 17%, respectively.
Majority of organizations already working on an authorization strategy
Asked about their authorization strategy, 96% of organizations have already implemented their approach or are in the process of developing it. Respondents were almost equally split in terms of where they are on their roadmap, with 35% of companies already having an authorization strategy in place.
A further 31% have defined their strategy ready to implement in 2022, while 30% are in the process of deciding on their strategy, with plans to implement over the next five years.
“Modern businesses are shifting to zero trust security architecture, while also adopting a more identity-centric approach to security. Authorization is the missing piece of the puzzle that can support organizations in achieving digitization and modernization, and to bridge the gap between security and IAM,” said Oren Ohayon Harel, CEO, PlainID.
“As the enterprise perimeter shifts and data and APIs become a target, as well as the continuing growth of multi-cloud usage and work from home initiatives, security technologies and strategy need to change if organizations are to meet their objectives.”