IAM – Identity And Access Management
Are they who they say they are? Digital has made identity & access management (IAM) crucial and complicated. Read our insights.
Insights
Blog
Meet The New Analyst Covering IAM: Geoff Cairns
What Topics Will You Be Covering At Forrester? I am very excited to be covering identity and access management (IAM), with a focus on the workforce environment (business to employee). I will also collaborate with Forrester’s other IAM analyst, Andras Cser. Some areas and topics that I hope to explore include: How to optimize workforce […]
Blog
The State Of Decentralized Digital Identities
Learn the value of decentralized digital identities in this preview of Forrester’s Security & Risk event, November 8–9.
Unlock The Secret To 2023 Tech Success
Attend our predictions webinar on overcoming resource constraints with a focus on resiliency and talent.
Blog
SailPoint To Be Acquired By Private Equity Firm Thoma Bravo For $6.9 Billion
On Monday, April 11, 2022, identity management and governance (IMG) vendor SailPoint announced that it was being bought by private equity (PE) firm Thoma Bravo for $6.9 billion. This is not the first rodeo for Thoma Bravo with SailPoint; in 2014, the PE firm bought out SailPoint’s original venture capital investors and remained an owner […]
Blog
Okta Lapsus$ Compromise: How To Make Sure You’re Protected
On Tuesday, March 22, 2022, identity-as-a-service (IDaaS) provider Okta announced that it had detected an attempt to compromise the account of a partner in January 2022. The announcement came after the hacking group Lapsus$ posted screenshots of a computer used by one of Okta’s third-party customer support engineers. As one of the largest IDaaS providers with […]
Blog
Evolve Your IAM Strategy For Today’s Digital Employee And Customer
Identity and access management (IAM) is the control plane for determining a root of trust for all digital identities. Effective IAM must validate identities, secure access, manage privileges, and be optimized for hardened security, good user experience, and operational efficiency across all user populations — your workforce, partners, customers, and machine identities. Effective and efficient […]
Blog
SentinelOne Secures Identity First, Deception Second, In Attivo Acquisition
Endpoint security and extended detection and response (XDR) vendor SentinelOne today announced the acquisition of Attivo Networks for just over $600 million. Attivo was a darling of deception technology, but SentinelOne was really after its Active Directory protection portfolio, including ADAssessor and ADSecure. Enterprise identity plays a critical role in the Zero Trust world mandated […]
Blog
Don’t Hit The Curb — Instead, Curb The Risk Of Emerging Technologies In 2022!
Find out why these five technology categories are causing security decision-makers the most concern.
Prepare Your Infrastructure For 2023 Change
Get our Predictions 2023 guide to explore the infrastructure shifts driving transformation and resiliency.
Blog
S&R Forum 2021: Passwordless Authentication Adoption Is Gaining Momentum
Passwordless authentication, in the form of inherence factors (e.g., fingerprint, facial) or in the form of possession factors (e.g., device, app, token/certificate) and supplemented by other factors (e.g., location, user behavior), is an emerging authentication technology that will protect organizations from brute force attacks, credential stuffing, phishing, and social engineering tactics. If carefully selected and […]
Blog
Perspectives On One Identity’s Acquisition Of OneLogin
On October 4, 2021, identity and access management (IAM) vendor One Identity announced plans to acquire identity-as-a-service (IDaaS) vendor OneLogin for an undisclosed amount. Founded in 2009, OneLogin is an established pure-play IDaaS vendor that primarily serves midmarket enterprises, with a unified platform for employees, partners, and customers, and has raised over $170 million in […]
Blog
Okta Acquires Identity Orchestration And CIAM Vendor Auth0 For $6.5B
Forrester analysts take a detailed look at what's driving the unprecedented premium being paid in this acquisition.
Blog
GRC And IAM — Better Together
Struggling to define where GRC ends and IAM begins? Get a clear breakdown of how the two functions should work together in a broader risk management strategy.
Blog
It Is A Privilege To Announce The Forrester Wave™: Privileged Identity Management (PIM), Q4 2020
Bad puns in the title of this blog post aside (queue the rolling of the eyes, sigh, and slight smirk), we are pleased to announce that “The Forrester Wave™: Privileged Identity Management (PIM), Q4 2020” is now live. While PIM vendors have been adding new capabilities and improved user experience over the past two years, […]
Shape Your 2023 Cybersecurity Priorities For Uncertain Times
Join us for a planning webinar to learn how you can budget and align your 2023 cybersecurity plans for what’s ahead.
Blog
Dealing With The Access Hoarders In Your Organization
Anyone who has seen the show Hoarders knows how people who fill their houses with unneeded stuff can literally bury themselves in junk. Security and risk (S&R) pros who manage employee access to apps, databases, and systems should notice the Hoarders parallel when it comes to IT access: Many employees unknowingly acquire access over time, […]
Blog
How A Password Manager Could Save Your Marriage
My wife has the good fortune of living with a security and risk pro who also happens to be a US Army intelligence officer, so she’s been previously scolded about lax security practices. I also point out how “hacking” scenes on TV and in movies are comical and inaccurate. Note: Said wife was not consulted […]
Blog
New Research: Emerging Use Cases And Risks For Biometrics
Biometric authentication is a powerful technology with many compelling use cases but is not without controversy and distinct risks. What are users’ privacy rights in how biometric information is processed and stored? How are biometrics regulated around the world? How can the use of biometrics lead to discriminatory practices? What security shortcomings are associated with […]
Blog
The Security Snapshot: Improving Your Security Posture During A Global Crisis
The COVID-19 global pandemic was top of mind for security leaders (and everyone else) during the second quarter of 2020. Forrester’s security and risk (S&R) team focused on pandemic recovery and looked at myriad ways to renew your security program and give it new life — from the development of talent and the future of […]
Blog
CyberArk Scoops Up Idaptive
Read Forrester's take on CyberArk announcing its acquisition of identity-as-a-service vendor Idaptive.
Blog
Privileged Identity Management Solutions Must Secure Growing Diversity Of Use Cases
Last week, Forrester published its latest overview of the privileged identity management (PIM) market, which can be found here. In it, we provide an overview of the 17 leading PIM vendors and categorized each vendor as either a PIM specialist or PIM suite provider , along with a market segmentation based on geography and annual […]
Blog
Two-Factor Authentication (2FA) Or Multifactor Authentication (MFA)? That Is The Question
We, as security practitioners, need to be mindful about what we mean when we say “2FA” or “MFA.” These terms are often used interchangeably. The confusion is understandable, since 2FA is a subset of MFA. However, just like Halloween candy, MFA (including 2FA) comes in many flavors. Let’s unpack these terms and consider the various […]
Blog
A Typical Day Of Analyst Life
We’re hiring! Forrester’s security and risk research team is growing and currently has four open analyst positions: identity and access management, application security, security analytics, and Zero Trust. When I speak to candidates about the analyst role, they all ask one question that I find difficult to answer: “What’s a typical day like for an […]
More posts