ID management's security role stable
Enterprises remain committed to investment in Identity Access Management (IAM) technology, as it increasingly becomes part of enterprise security strategy, reports the '2009 Identity Access and Management Survey', by KPMG and Dutch systems integrator Everett, launched at security conference ISSE 2009 in the Hague this week.
The report defines IAM as the 'policies, processes, and systems for efficiently and effectively governing and managing who has access to which resources within an organisation', with specific reference to IT governance requirements.
Nearly 90 per cent of the survey's participants reported that they have started one or more IAM projects over the last 12 months, and 70 per cent of the same sample say they have a dedicated budget for IAM initiatives (about the same figures as the 2008 survey). However, 25 per cent of respondents revealed that they had been subject to budgetary reductions of 5-15 per cent on IAM allocations.
The survey identified Governance, Risk and Compliance (GRC), operational excellence, and Business Agility as the three main drivers for IAM commitment.
However, the survey's findings also suggest that IAM has some challenges to overcome before it wins full acceptance from executive management and stakeholders, with 51 per cent of respondents reporting a 'lack of support' from those particular quarters.
The '2009 European Identity and Access Management Survey' is authored by KPMG's John Hermans, and Peter Valkenburg, CTO at Everett Group. The publication was produced with the support of e-business trade association EEMA, and IIR.