Whelp, it’s almost 2020. Some technology has exceeded expectations and others, well, not so much. Five years ago, we should’ve had widely available hoverboards, self-drying and fitting jackets, and flying cars. Hanna-Barbera promised a cutting-edge, underwater research lab; thankfully, we still have 42 years to chase the Jetsons. Despite many of our wildest technology expectations failing to live up, the last decade of identity and access management development has yet to let us down. Hoping that our 2020 predictions remain accurate in hindsight, we expect the continued proliferation of IAM cloud capability and integrations to keep transforming enterprise technology and the way we do business. SSO protocols will steadily decrease the need for unique accounts and credentials for every resource – as such, Active Directory should watch its back. With the adoption of SAML, OAuth 2.0, OpenID and more protocols, consumers have begun to see a drastic reduction in the amount of unique accounts and credentials they must use to log in to various websites. Need to log in to manage a website or do some online shopping? Just use your Google or Facebook account to verify your identity. This trend will not only continue to dominate throughout B2C efforts, but will take hold of B2B and internal business operations thanks to the SSO developments made by Tools4ever, Okta, and other industry leaders. Because of this and the maturation of cloud platforms, such as GSuite, there will be a point in the not-too-distant future where Microsoft’s market hold with (on-premise) Active Directory is no longer bolted to the crust of the earth. As more and more enterprises transition from on-premise to hybrid infrastructure and from hybrid to full cloud deployments, protocol flexibility means having to rely less on systems and applications that look to AD to authorize users’ access. Devices such as the widely popular Google Chromebooks have shown that the AD divorce is much more possible than many might realize. In an industry that prizes disruption above all, expect to see a few directory Davids challenge Goliath. Downstream resources will benefit from increased integration. Coinciding with the increasing use of protocols to connect IT resources, you can also expect your downstream systems, applications, and other resources to better utilize identity data. The protocols mentioned above safely transfer some amount of identity information to verify users. The next step will be seeing how we can then leverage the information transferred within the protocols. Provisioning will be far more rapid, as transferred identity data will help immediately create accounts and configure access levels. Continually improving integrations will provide administrators and managers far more granular control during initial setup, active management, and deactivation. Increased connectivity will allow much of this management to be centralized at the source of the authoritative identity data and easily pushed out from there. Systems and applications will better incorporate identity data to enforce a given user’s permissions within that resource. Multifactor authentication (MFA) will pervade our login attempts and increase the security of delivery to stay a step ahead. Already popular amongst some enterprise technologies and consumer applications handling sensitive, personal data (e.g. financial, healthcare), MFA will continue to transform our authentication attempts. Much has been made over the years about password complexities and poor safeguarding, but human error and “it’s easy to remember” remain persistent pitfalls. The addition of MFA helps immediately add further security to authentication attempts by having the user enter a temporarily valid pin code or verify by other methods. The area to watch with MFA is the delivery method. SMS notifications were the first stand-out, but forced some organizations to weigh the increased costs messaging might bring on their company’s mobile phone plan. SMS remains common, but all things adapt and hackers’ increased ability to hijack these messages have made their delivery less secure. Universal One-time Password clients (OTP), such as Google Authenticator, have both increased security and made the adoption of MFA policies significantly easier via time-sensitive pin codes. Universal clients also eliminate the need for every unique resource to support its own MFA method. Already evolving, pin codes are beginning to be replaced by “push notifications”, which send a simple, secure “yes/no” verification prompt. After downloading the client app and registering your user account, a single screen tap will be all it takes to add extra security to your logins. Gartner has been extolling push notifications for a couple years now as the future, having predicted that 50% of enterprises using mobile authentication will adopt it as their primary verification method before the decade closes.  Read Less