Article Posted date 24 June 2022
2 min read

As much of the world has moved to hybrid or remote work, Identity and Access Management (IAM) has moved up the priority list for many IT leaders. KPMG in Canada offers a look at the top trends and key recommendations in IAM for 2022.

IAM is a framework of policies and technologies that allow organizations to make intelligent, risk-based decisions about who is allowed to access which information and operational assets, when, and in what context. With a growing number of employees working “anytime, anywhere and from any device,” it’s critical for businesses to keep up with the proliferation of identities and systems.

5 key trends in IAM

Automation

Automating onboarding and offboarding hybrid employees

Onboarding and offboarding employees traditionally involves time-consuming, manual processes. The right IAM tools can perform onboarding and offboarding functions at the push of a button.

Implementing IAM

Implementing IAM across the cloud

Businesses are now accelerating their adoption of cloud applications and services. Besides the benefits of cloud nimbleness, these types of tools allow for quick and easy implementation. Moreover, in comparison with older technologies, it will no longer be necessary to go through regular (and often tedious) update cycles.

Added protection

Added protection with password managers

A password manager or password keeper is essentially an encrypted digital vault that creates strong and unique passwords for each application and account, and securely stores the information. This helps make employee’s credentials difficult to breach, in addition to eliminating the need to memorize multiple passwords.

Zero trust mindset

Adopting a zero trust mindset

Businesses that adopt zero trust set up a capability architecture that assumes there is no existing trust inside or outside network perimeters; allowing for continuous verification of applications, data, devices and users and is reviewed on an ongoing basis. This approach helps to segment resources, provide just-in-time access, secure code, and protect data.

Least privilege

Least privilege principle extends to end-point devices

The principle of least privilege is the practice of restricting access rights for individuals to only those resources they need to perform a specific job or task.

Want to learn more?

Download the PDF to explore the six recommendations to drive your IAM strategy forward.

Trends and recommendations

5 key trends and 6 recommendations for optimizing IAM strategies.

Opens in a new window

Insights and resources

playing soccer
Practice makes cyber perfect
5 min read

How service organizations maintain trust through SOC

Snowboarding safely in a storm
Into the breach
4 min read

How boards need to think about cyber preparedness

Connect with us

Thomas J Davies blog posts
Thomas Davies
Partner, Cyber Security and Risk Consulting Managed Services National Lead
KPMG in Canada
Profile | | Phone
Marc Chaput blog posts
Marc Chaput
Partner, Cyber Security Advisory Services - Identity and Access Management
KPMG in Canada
Profile | | Phone
Erik Berg blog posts
Erik Berg
Partner, Technology Risk Consulting, Advisory Services
KPMG in Canada
Profile | | Phone
Imraan Bashir blog posts
Imraan Bashir
Partner & National Public Sector Cyber Leader
KPMG in Canada
Profile | | Phone
Robin Tong blog posts
Robin Tong
Partner
KPMG in Canada
Profile | | Phone

Stay up to date with what matters to you

Gain access to personalized content based on your interests by signing up today

Connect with us