this way, PIAM 2.0 takes the pressure off administrators and al- “This shift demands that PIAM lows them to focus on more mission critical assignments. Given the numerous benefits afforded by PIAM, organizations 2.0 is smart enough for office are deploying new PIAM-centric solutions to address challenges planning, occupancy, and beyond security related to a shrinking labor pool, rise in hybrid accommodation of the hybrid working, and new compliance mandates. And they are doing it using their existing data. workforce access routine.” Deploying Data-Driven Security in PIAM 2.0 To understand how PIAM solutions work, it helps to illustrate how access is traditionally managed when relying solely on legacy access control systems and manual processes. In the absence of PIAM, access management is handled through a process typically involving an organization’s Human Resources (HR) department and department managers. These departments rarely collaborate to determine appropri- ate access privileges for staff and visitors, issuing credentials and provisioning access on a case-by-case basis. However, this manu- al approach is prone to errors and delays due to the reliance on physical procedures. To address these limitations, PIAM 1.0 solutions were in- troduced in the early 2000s, characterized by computerization, role-based access control, and centralized access permissions. This automation allowed for easier review and updates of access privileges, highlighting discrepancies, and simplifying the man- agement of permissions when employees left the organization. Despite these advancements, PIAM 1.0 systems operated in isolation and required manual updates, leading to backlogs, er- rors, and the accumulation of inaccurate access data. Early PIAM systems also required hard coded rules and logic and were inflexible to changes, incapable of keeping up with the changing business requirements. These issues were only exacer- bated post-pandemic that saw the Great Resignation, “quiet quit- ting”, and return to office mandates. As a result, insider threats remained hidden and difficult to identify within the access control system. Security threat intelligence metrics were missing. While this phase brought improvements, there was still room for further enhancements to optimize access management. Thus, PIAM 2.0 was born. Advanced PIAM 2.0 solutions revolutionize access manage- ment by leveraging data-driven automation, Artificial Intelligence (AI), and Machine Learning (ML). These advanced systems ag- gregate and analyze a vast array of data, including identities, cre- dentials, permissions, and information from various business sys- tems, such as HR software and PACS. This comprehensive data intelligence provides organizations with enterprise-wide visibility over the entire lifecycle of identities. By centralizing identity management on a single platform, PIAM 2.0 automates the access provisioning process, granting access per- 20 SEPTEMBER/OCTOBER 2023 | SECURITY TODAY Shutterstock.com/Andrew Angelov COVER STORY