As much of the world has moved to hybrid or remote work, Identity and Access Management (IAM) has moved up the priority list for many IT leaders. KPMG in Canada offers a look at the top trends and key recommendations in IAM for 2022.

IAM is a framework of policies and technologies that allow organizations to make intelligent, risk-based decisions about who is allowed to access which information and operational assets, when, and in what context. With a growing number of employees working “anytime, anywhere and from any device,” it’s critical for businesses to keep up with the proliferation of identities and systems.

5 key trends in IAM


Automating onboarding and offboarding hybrid employees

Onboarding and offboarding employees traditionally involves time-consuming, manual processes. The right IAM tools can perform onboarding and offboarding functions at the push of a button.

Implementing IAM

Implementing IAM across the cloud

Businesses are now accelerating their adoption of cloud applications and services. Besides the benefits of cloud nimbleness, these types of tools allow for quick and easy implementation. Moreover, in comparison with older technologies, it will no longer be necessary to go through regular (and often tedious) update cycles.

Added protection

Added protection with password managers

A password manager or password keeper is essentially an encrypted digital vault that creates strong and unique passwords for each application and account, and securely stores the information. This helps make employee’s credentials difficult to breach, in addition to eliminating the need to memorize multiple passwords.

Zero trust mindset

Adopting a zero trust mindset

Businesses that adopt zero trust set up a capability architecture that assumes there is no existing trust inside or outside network perimeters; allowing for continuous verification of applications, data, devices and users and is reviewed on an ongoing basis. This approach helps to segment resources, provide just-in-time access, secure code, and protect data.

Least privilege

Least privilege principle extends to end-point devices

The principle of least privilege is the practice of restricting access rights for individuals to only those resources they need to perform a specific job or task.

Connect with us

Stay up to date with what matters to you

Gain access to personalized content based on your interests by signing up today

Connect with us