SBN

The authorization market has momentum…here’s why that matters

As part of my role here at Axiomatics, I am in front of customers and the market almost everyday listening, identifying blind spots and considering what/if any impact their experience and feedback may have on the company’s product strategy.

Over the last six weeks, I have been on a virtual global roadshow with customers and analysts all over the world and the best way to summarize my takeaway from these conversations is to take a page out of the technology adoption playbook….the authorization market has crossed the chasm. Yup, I am a bit of a business book geek and even though Geoffrey Moore’s Crossing the Chasm is a couple of decades old, it contains so many great reminders about market adoption as well as momentum that still hold true today.

With that in mind, I believe there are three signals supporting the view that externalized authorization is in the realm of mainstream adoption:

1. Zero Trust goes mainstream

For years, Zero Trust was acknowledged as the gold standard of security methodologies, but also viewed by many organizations as an aspirational goal.

The events of the last two years have made Zero Trust adoption not only a priority for many organizations, but often a Board-mandated imperative.

In conversations with customers and partners, I find this is particularly true for highly-regulated or globally-matrixed large enterprises, who, in line with NIST (National Institute of Standards and Technology) recommendations, understand an ABAC-led approach to Zero Trust is necessary to ensure their deployment is not only successful now, but also prepares them for future security and access challenges.

2. Innovation takes place at record speed

As organizations continue to embrace new technologies in the cloud and via microservices, innovation has to ramp up support these new initiatives – and FAST.

Development teams, once the owner of authorization initiatives, are critical to these innovation efforts, meaning authorization becomes a ‘side of desk’ job.

However, a security strategy that is built to scale cannot side-step a dynamic authorization strategy so organizations are turning to best-in-class authorization solutions to achieve this outcome.

3. Hyperscale application performance

This really goes hand-in-hand with innovation.

As organizations require fast-paced innovation, there’s also a demand from application owners or business users for access and authorization decisions to be made in milliseconds.

Building authorization policies in isolation will not enable organizations to meet these performance expectations.

Momentum is at the heart of innovation and bringing positive change forward for organizations. The idea of authorization is not new. Organizations have tackled the concept since the dawn of application development.

But there has definitely been an inflection point in the market that signals significant momentum towards an externalized, dynamic and attribute-based access control (ABAC)-driven authorization solution. You can read more about why that’s the case in our 2022 State of Authorization Report, released today.

What’s driving momentum in this case is the perfect storm of capabilities, which have come to market to understand user behavior and determine risk.

The desire to use data to understand user risk isn’t new. User Behavior Analytics (UBA) as a market is at least a decade old and is quite mature. Security firms understand this and as a result, have built these capabilities into their platforms.

Authorization goes a step beyond this to provide an assessment of a user’s risk by leveraging risk profiles as an attribute that can inform security policies and access decisions.

It usually goes something like this:

If a user’s risk profile is low, they can be granted more access.

If it is high, they have less or even no access.

But what’s critical is that these determinations are made in real-time, as a user’s risk profile is fluid and dependent on a number of factors including time of access request, location, device, etc.

This is where the Axiomatics team is focusing innovation efforts – how can we empower companies to ensure they have the solutions necessary to make the most accurate access decisions possible, minimizing the amount of risk to the organization?

The enhancements and capabilities we’re introducing today – and will introduce in the next year – will continue to arm our partners and customers with not only the technology, but the methodology and strategy necessary to continue to assess risk, both in the near term and in the future.

When a market, company or even a person has momentum there is a compounding effect. Yes, it feels like Moore’s law (the other Moore – Gordon) is alive and well.

How do you know the momentum is happening? You are doing everything right, but it feels like you are riding shotgun with Dr. Emmet Brown in Back to the Future.

In hindsight, you look back and realize the market hit an inflection and everything is about scale.

What I love about Axiomatics is that it has been preparing for this momentum for more than a decade. Over the last twelve months the team saw the need to scale up and it has executed on that front across the entire company as well as product.

You can read more about our own momentum in the press release we’ve issued today.

The post The authorization market has momentum…here’s why that matters appeared first on Axiomatics.

*** This is a Security Bloggers Network syndicated blog from Axiomatics authored by Mark Cassetta. Read the original post at: https://axiomatics.com/blog/the-authorization-market-has-momentum-heres-why-that-matters