Latest News


Identity Access Management: Three crucial elements to modern IAM infrastructure

Written by Jacob Ideskog, CTO, Curity

There have been a number of obvious disruptors over the past few years for businesses. The pandemic, the move to remote working, technological advancements, more sophisticated bad actors – these factors all contribute to the ever-changing business landscape. At the heart of many of these changes is the challenge of remotely proving, authenticating and managing identity. The result is a catalyst effect on existing Identity and Access management (IAM) infrastructures and in particular modern authentication methods. A modern IAM system is essential for businesses to deliver a competitive advantage, streamline business operations and keep their customers, employees and ecosystems secure.

Without it, businesses are at risk of security breaches and providing a poor user experience for their customers. Substandard IAM infrastructure can also impact business performance, as many businesses will invest time and resources in rectifying mistakes that could be fixed with a solid infrastructure in place. There are three key elements to building this:

  • Speed and scalability
  • Integration
  • Deployment options

This article will discuss these elements in more detail, as well as how organisations can tangibly use them to build a modern IAM infrastructure.

Speed and scalability

When it comes to IAM infrastructure, speed is of the essence. The faster IT security teams can react to alerts, the better they can manage threats and minimise and mitigate their impact on the business. An organisation’s ability to quickly react to issues, adapt to changes and manage  the IAM infrastructure has a direct impact on its competitiveness and success.

Another key factor to consider is scalability. Can your new IAM infrastructure be easily scaled as your business grows? It is incredibly important that organisations are able to customise and configure their IAM platform quickly, and not have to write significant amounts of new code when the business demands additional  use-cases. A good identity system will be able to handle even the most intricate use-cases and scenarios, giving organisations the ability to centralise its identity management, provide common access to APIs and share security policies. These qualities will allow companies to quickly and easily deliver new apps and services to their users.


A modern Identity Management System needs to have complete architectural coverage of use-cases across all mobile, web, and API-driven applications and should cover both external and internal use.

The use of APIs has grown exponentially in recent years and this has created a new challenge for companies when it comes to IAM. Legacy IAM systems are not equipped to manage the task of accessing  the accelerating number of microservices and therefore a new approach and improved IAM solution is needed.Typically legacy IAM systems are focused on a security perimeter that can be easily secured, for example the internal employees. Today the need for access from many devices, locations and very large user bases, perhaps in the millions, needs a different more scalable approach.

Therefore a modern IAM solution, with this level of flexibility embedded from the get go, is needed to allow organisations to properly protect and manage their API integrations. App developers shouldn’t be blocked from building user-friendly apps by an outdated IAM system.

A modern IAM platform should also enable organisations to easily map requirements onto functions. This is achieved by applying separation of concerns design principles and splitting different aspects of identity into discrete logical components, allowing businesses to manage complex identity and access needs.


On-premise vs cloud is the big question for many IT solutions and this includes IAM. There are benefits on both sides. On-premise may be preferable – or even non-negotiable – if an organisation requires tighter control of resiliency and it can allow for better protection of data. However, deploying IAM infrastructure via a cloud environment allows for quick, often very economical deployment which enhances the scalability of the solution.

Fortunately, the sector now has both on-premise and Cloud options available and can use both for storing data and identities where they choose. Organisations are able to retain complete control over their data without sacrificing the freedom to easily set up, manage and dynamically scale their identity platform.

Perfecting IAM infrastructure

These are three key factors that make up the deployment of a modern IAM infrastructure. They support crucial business goals of reducing costs, improving business performance, and speeding up time-to-market. Organisations should look for a service that’s focused around user-friendly, modern IAM infrastructure that can adapt to developments in the IT sector and change as the industry develops.

As technology evolves, and businesses focus on streamlining processes, a modern IAM infrastructure is a key element of this. All organisations must ensure they understand the benefits and different elements of IAM to ensure that a future-proof business can be built thanks to this advancing technology.