identity & access management (IAM)
Are they who they say they are? Digital has made identity & access management (IAM) crucial and complicated. Read our insights.
Insights
BLOG
Two-Factor Authentication (2FA) Or Multifactor Authentication (MFA)? That Is The Question
We, as security practitioners, need to be mindful about what we mean when we say “2FA” or “MFA.” These terms are often used interchangeably. The confusion is understandable, since 2FA is a subset of MFA. However, just like Halloween candy, MFA (including 2FA) comes in many flavors. Let’s unpack these terms and consider the various […]
Read More
BLOG
A Typical Day Of Analyst Life
We’re hiring! Forrester’s security and risk research team is growing and currently has four open analyst positions: identity and access management, application security, security analytics, and Zero Trust. When I speak to candidates about the analyst role, they all ask one question that I find difficult to answer: “What’s a typical day like for an […]
Read More
BLOG
The CIAM Implications Of The Facebook/Cambridge Analytica Scandal
My fellow Forrester analysts have been covering the data and privacy implications of the Facebook/Cambridge Analytica scandal in several excellent blog posts, such as this one and this from yesterday, but this scandal has highlighted some CIAM-specific implications that CISOs and CMOs need to assess, particularly around the future role of social login. For those […]
Read More
BLOG
M&A In The IAM Market Is Off To A Strong Start In 2018
We’re only one month into 2018 and have already witnessed a surge in M&A activity in the IAM space. Since January 1, 2018, four major IAM related deals, totaling over $1 billion (based on reported amounts and Forrester estimates on certain transactions), have been announced: • KPMG acquired Cyberinc. • One Identity acquired Balabit. • […]
Read More
PODCAST
Identity For Profit
Forrester Vice President and Principal Analyst Andras Cser discusses how identity management can enhance customer experiences and drive growth.
Listen Now
BLOG
XACML is dead
Conversations with vendors and IT end users at Forrester's Security lead us to predict that XACML (the lingua franca for centralized entitlement management and authorization policy evaluation and enforcement) is largely dead or will be transformed into access control (see Quest APS, a legacy entititlement management platform based on BiTKOO, which will probably be morphed […]
Read More
BLOG
Identity Protocol Gut Check
Protocol gut check. That's how someone recently described some research I've got under way for a report we're calling the "TechRadar™ for Security Pros: Zero Trust Identity Standards," wherein we'll assess the business value-add of more than a dozen identity-related standards and open protocols. But it's also a great name for an episode of angst that […]
Read More