Application Development

When IAM technologies began to emerge, they were generally software suites implemented in-house by organisations in order to automate many of the tasks and processes involved in managing user identities and access rights – a process that did not scale using manual methods and spreadsheets. Such software suites were generally costly and complex to deploy, especially across large organisations, and were generally restricted to controlling access to enterprise applications running in-house.

Today, many of the applications used by organisations are provided by external parties and are accessed remotely, either provided as web-based applications or provisioned in the cloud, often provided on a subscription basis. Each application and service generally requires a distinct user name and password combination for access, along with other specific requirements such as password expiration cycles, creating password management challenges for organisations and individual users alike.

IAM systems are evolving to handle the challenges of access and authentication to online services, offering federated single sign-on for all applications a user needs to access, automated provisioning and deprovisioning of access rights, strong authentication and self-service tools for aiding productivity. Such systems cater to the needs of organisations that are increasingly providing mobile device users, including those owned by the users themselves, with access to online applications and services. Newer developments include the provision of a hybrid model, whereby an identity bridge connects online application access to backend corporate directories, IAM technologies and other systems of record, providing access to enterprise applications for remote users, as well as potentially to partners and customers.