IAM – Identity And Access Management

Are they who they say they are? Digital has made identity & access management (IAM) crucial and complicated. Read our insights.

Discover how Forrester supports IT leaders.

Insights

Blog

The Web Needs A Way Of Proving That You’re A Real Person — Worldcoin Is Not The Solution

Martha Bennett July 26, 2023
New crypto-focused financial network Worldcoin promises to provide a “new identity and financial network owned by everyone.” But it raises more issues than it solves. Find out why.
Blog

Don’t Ignore Your Employee Offboarding Processes

Paddy Harrington April 4, 2023
How offboarding is handled not only impacts your organization directly — it can also have a lasting effect on how others perceive your organization. Our two latest reports can help leaders mitigate the risks.

Stay Ahead of Threats with These Cutting-Edge Detection Engineering Practices

Join us on Sept. 27 for a live webinar to learn how to enhance your security operations practice with agile and detection engineering practices.

Blog

Meet The New Analyst Covering IAM: Geoff Cairns

Geoff Cairns August 25, 2022
What Topics Will You Be Covering At Forrester? I am very excited to be covering identity and access management (IAM), with a focus on the workforce environment (business to employee). I will also collaborate with Forrester’s other IAM analyst, Andras Cser. Some areas and topics that I hope to explore include: How to optimize workforce […]
Blog

The State Of Decentralized Digital Identities

Andras Cser August 19, 2022
Learn the value of decentralized digital identities in this preview of Forrester’s Security & Risk event, November 8–9.
Blog

SailPoint To Be Acquired By Private Equity Firm Thoma Bravo For $6.9 Billion

Andras Cser April 13, 2022
On Monday, April 11, 2022, identity management and governance (IMG) vendor SailPoint announced that it was being bought by private equity (PE) firm Thoma Bravo for $6.9 billion. This is not the first rodeo for Thoma Bravo with SailPoint; in 2014, the PE firm bought out SailPoint’s original venture capital investors and remained an owner […]
Blog

Okta Lapsus$ Compromise: How To Make Sure You’re Protected

Merritt Maxim March 24, 2022
On Tuesday, March 22, 2022, identity-as-a-service (IDaaS) provider Okta announced that it had detected an attempt to compromise the account of a partner in January 2022. The announcement came after the hacking group Lapsus$ posted screenshots of a computer used by one of Okta’s third-party customer support engineers. As one of the largest IDaaS providers with […]
Blog

Evolve Your IAM Strategy For Today’s Digital Employee And Customer

Merritt Maxim March 16, 2022
Identity and access management (IAM) is the control plane for determining a root of trust for all digital identities. Effective IAM must validate identities, secure access, manage privileges, and be optimized for hardened security, good user experience, and operational efficiency across all user populations — your workforce, partners, customers, and machine identities. Effective and efficient […]

Strenthen Security Operations With Agile SecOps

Read this report to learn how to apply agile software development lifecycle practices (SDLC) to detection and response to create engineering-driven detection operations.

Blog

SentinelOne Secures Identity First, Deception Second, In Attivo Acquisition

David Holmes March 15, 2022
Endpoint security and extended detection and response (XDR) vendor SentinelOne today announced the acquisition of Attivo Networks for just over $600 million. Attivo was a darling of deception technology, but SentinelOne was really after its Active Directory protection portfolio, including ADAssessor and ADSecure. Enterprise identity plays a critical role in the Zero Trust world mandated […]
Blog

Don’t Hit The Curb — Instead, Curb The Risk Of Emerging Technologies In 2022!

Andras Cser February 4, 2022
Find out why these five technology categories are causing security decision-makers the most concern.
Blog

S&R Forum 2021: Passwordless Authentication Adoption Is Gaining Momentum

Sean Ryan November 8, 2021
Passwordless authentication, in the form of inherence factors (e.g., fingerprint, facial) or in the form of possession factors (e.g., device, app, token/certificate) and supplemented by other factors (e.g., location, user behavior), is an emerging authentication technology that will protect organizations from brute force attacks, credential stuffing, phishing, and social engineering tactics. If carefully selected and […]
Blog

Perspectives On One Identity’s Acquisition Of OneLogin

Merritt Maxim October 8, 2021
On October 4, 2021, identity and access management (IAM) vendor One Identity announced plans to acquire identity-as-a-service (IDaaS) vendor OneLogin for an undisclosed amount. Founded in 2009, OneLogin is an established pure-play IDaaS vendor that primarily serves midmarket enterprises, with a unified platform for employees, partners, and customers, and has raised over $170 million in […]
Blog

Okta Acquires Identity Orchestration And CIAM Vendor Auth0 For $6.5B

Andras Cser March 4, 2021
Forrester analysts take a detailed look at what's driving the unprecedented premium being paid in this acquisition.

Seven Steps To Bolstering Network Security With Zero Trust Edge

Watch this video to break down vendor ZTE hype and learn how to implement it across all endpoints in an enteprisewide networking fabric.

Blog

GRC And IAM — Better Together

Sean Ryan February 11, 2021
Struggling to define where GRC ends and IAM begins? Get a clear breakdown of how the two functions should work together in a broader risk management strategy.
Blog

It Is A Privilege To Announce The Forrester Wave™: Privileged Identity Management (PIM), Q4 2020

Sean Ryan November 19, 2020
Bad puns in the title of this blog post aside (queue the rolling of the eyes, sigh, and slight smirk), we are pleased to announce that “The Forrester Wave™: Privileged Identity Management (PIM), Q4 2020” is now live. While PIM vendors have been adding new capabilities and improved user experience over the past two years, […]
Blog

Dealing With The Access Hoarders In Your Organization

Sean Ryan November 11, 2020
Anyone who has seen the show Hoarders knows how people who fill their houses with unneeded stuff can literally bury themselves in junk. Security and risk (S&R) pros who manage employee access to apps, databases, and systems should notice the Hoarders parallel when it comes to IT access: Many employees unknowingly acquire access over time, […]
Blog

How A Password Manager Could Save Your Marriage

Brian Kime October 29, 2020
My wife has the good fortune of living with a security and risk pro who also happens to be a US Army intelligence officer, so she’s been previously scolded about lax security practices. I also point out how “hacking” scenes on TV and in movies are comical and inaccurate. Note: Said wife was not consulted […]
Blog

New Research: Emerging Use Cases And Risks For Biometrics

Merritt Maxim October 1, 2020
Biometric authentication is a powerful technology with many compelling use cases but is not without controversy and distinct risks. What are users’ privacy rights in how biometric information is processed and stored? How are biometrics regulated around the world? How can the use of biometrics lead to discriminatory practices? What security shortcomings are associated with […]

Get More Risk Mitigation With Your 2024 Budget

Download our 2024 Planning Guide for Security and Risk Leaders to see where strategic cybersecurity investments (and divestments) can deliver more business value.

Blog

The Security Snapshot: Improving Your Security Posture During A Global Crisis

Joseph Blankenship August 24, 2020
The COVID-19 global pandemic was top of mind for security leaders (and everyone else) during the second quarter of 2020. Forrester’s security and risk (S&R) team focused on pandemic recovery and looked at myriad ways to renew your security program and give it new life — from the development of talent and the future of […]
Blog

CyberArk Scoops Up Idaptive

Sean Ryan May 14, 2020
Read Forrester's take on CyberArk announcing its acquisition of identity-as-a-service vendor Idaptive.
Blog

Privileged Identity Management Solutions Must Secure Growing Diversity Of Use Cases

Sean Ryan April 9, 2020
Last week, Forrester published its latest overview of the privileged identity management (PIM) market, which can be found here. In it, we provide an overview of the 17 leading PIM vendors and categorized each vendor as either a PIM specialist or PIM suite provider , along with a market segmentation based on geography and annual […]
More posts