Gunnar Assmy - Fotolia
Risk & Repeat: Should IAM systems be run by machine learning?
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the identity and access management industry and how machine learning algorithms could govern IAM systems.
The identity and access management market appears poised for an influx of machine learning technology, but are enterprises ready for machines to govern their IAM systems?
That was one of the big questions at the recent 2017 Cloud Identity Summit in Chicago, which explored a number of trends and topics, including machine learning applications for IAM systems.
Many vendors and service providers are increasing the number of signals, such as passwords, personally identifiable information and biometric data, that they use to determine a user's identity and authorizations. And as that signal data increases, and the processes become more complex, some experts believe machine learning algorithms will be called upon to take over for human identity professionals.
"We have exponentially more data to inspect to help us make those [IAM] decisions, and the pace at which we need to make access control decisions is accelerating," said Andre Durand, CEO of Ping Identity, during his keynote. "I think machines are required."
But is turning over IAM systems to machines the right move for enterprises? Is machine learning technology mature enough to learn from false negatives that prevent legitimate users from logging in? With the increasing amount of data and signals, are IAM systems in danger of becoming too complex?
In this episode of the Risk & Repeat podcast, editors Rob Wright and Peter Loshin discuss those questions and more on the topic of machine learning and how it may affect identity management and access control technology in the future.
Risk & Repeat: How the NotPetya ransomware changes the threat landscape
Risk & Repeat: RNC voter database exposed on Amazon Simple Storage Service bucket
Risk & Repeat: Symantec certificate issuance under fire again