In a recent interview with Computer Weekly, Mark McClain, founder and CEO of SailPoint, discussed the evolution of identity in the technology industry. McClain reflects on his experience with identity management, starting in the 1990s when he worked at Tivoli. He explains how the concept of identity emerged during the shift from centralized data centers to distributed computing. At that time, user management became a challenge as individuals had accounts on multiple servers. This led to the development of applications to streamline user processes and improve efficiency.
McClain then describes how the second wave of change came in the 2000s, driven by compliance regulations and the need to manage and validate multiple identities. SailPoint was founded during this period. The arrival of SaaS applications and mobile computing in the 2010s brought further changes, as organizations no longer owned the compute, network, and devices. Identity management and cybersecurity became intrinsically linked, with identity emerging as a control point for security.
The Covid-19 pandemic also accelerated the evolution of identity as a security measure. The shift to remote work exposed insufficiencies in security and highlighted the importance of identity management. McClain explains how the sheer proliferation of identities has contributed to this evolution. The number of individuals needing to be identified has expanded to include contractors and employees in supply or distribution chains. Additionally, the increasing volume of data being exchanged across various tools creates vulnerabilities.
To address these challenges, McClain emphasizes the need for intelligence and automation. Investments in AI and automation help organizations keep up with the growing number of identities and access to data. He also acknowledges the threats posed by AI, as it can be used to manipulate trusted identities. McClain shares his own experience of having his identity spoofed by an AI tool. He predicts that AI-enabled cybercriminals will become more adept at bypassing identity verification systems.
Looking ahead, McClain sees challenges in protecting non-human identities, particularly in industries like financial services where machines are taking on more tasks. The programming problems of ensuring the authenticity and validation of non-human identities need to be addressed.
Overall, McClain believes that identity is a fundamental element in the technology industry. SailPoint’s expertise in identity and data management positions the company well to address future challenges and become a trusted source for identity solutions.
