GRC concerns push identity and access management

Governance, risk, and compliance (GRC) making firms embrace identity and access management (IAM)

New research from Forrester has found that over three-quarters of enterprise IT security professionals in France, Germany and the UK of the respondents feel that  some aspect of governance, risk, and compliance (GRC) is pushing them into embracing identity and access management (IAM) even though they have issues regarding its purchase, implementation and operation.

In ‘Identity And Access Management Adoption In Europe: 2008’, the analyst firm found  that the top drivers of IAM were security and governance, and 78% of the IT security professionals regarded IAM as important or very important to their organisation in t he coming 12 months.

Forrester also found differences between how European enterprises and their counterparts in the US and Canada regard IAM. Regulatory compliance drives far more IAM adoption at North American companies (24%), at the expense of improved service delivery and security and governance concerns.  Forrester suggests that this is likely due to the historically greater regulatory burden in Europe , where enterprises are more accustomed to dealing with compliance issues.

European enterprises’ two main obstacles to adopting IAM were the cost and complexity associated with buying, implementing, and operating these products and solutions. Forrester’s analysts of this is that it is a reflection of the fact that the broader identity and access management space is still quite fragmented and full of products that often don't work together very well.

About a quarter of the respondents indicated that they were confident of reaching identity and access objectives without dedicated IAM tools, and a similar number indicated not yet recognising the business value of IAM. Forrester believes that some in the latter category may not have been able to make the case for IAM to the executives holding the purse strings.

Firms should just start their identity management initiatives to build the case around improved governance, risk, and compliance, and start with authentication advised Forrester.


“Both our online survey data and our conversations with clients indicate that identity and access management in general is gathering pace among European enterprises,” commented report author Bill Nagel. “As the marketplace is fragmented and disjointed, adoption is naturally occurring in fits and starts, with technologies that address more obvious top-of-mind issues finding the greatest traction to date.”

Read more on Hackers and cybercrime prevention