8 top identity and access management tools

Identity is becoming the new perimeter, and these IAM tools have evolved to help secure assets as organizations rely less on traditional perimeter defenses and move to zero-trust environments.

One avatar is uniquely identified among others at the center of a bullseye in a digital environment.
DEM10 / Getty Images

The days of perimeter security acting as the core of cybersecurity defenses are long gone. No organization would be caught without firewalls and antivirus scanners to catch low-sophistication attacks, but the real battle to protect the network has moved to the realm of identity and access management (IAM).

Perimeter security has lost importance because organizations no longer have much of a hardware perimeter. Most have moved to the cloud and are rapidly adding apps and services as needed to support their employees and customers in the new world of always on, always available connectivity. While this situation has made most organizations more agile and efficient, it has also exposed them to considerable risk.

Without tight IAM controls, it’s easy to lose track of the thousands of identities operating within a modern company’s network. Each user can have multiple identities, and non-human entities like apps and programs also hold various identities and permissions. According to one study, most organizations oversee an average of 40,000 permissions spread out across the four major cloud platforms: Amazon Web Services, Google Cloud Platform (GCP), Microsoft Azure and VMware. Many of those accounts are over-permissioned, requiring only about 10% of the permissions they currently hold. Other identities may not be in use at all because they belong to employees who have left the organization or applications that are no longer used.

Attackers have taken notice, with most advanced attacks now actively trying to compromise unused or over-permissioned accounts to circumvent security. In fact, Verizon’s 2020 Data Breach Investigations Report found that more than 80% of hacking-related breaches that year involved the use of lost or stolen credentials. Many of the most recent high-profile breaches, like the SolarWinds attack, used compromised identities and elevated privileges to bypass cybersecurity defenses.

How IAM tools work 

To continue reading this article register now

Microsoft's very bad year for security: A timeline