The critical intersection between AI and identity management

Today, almost every organization and most individuals are using or experimenting with Artificial Intelligence (AI). There are plenty of examples of how it is changing businesses for the better, from marketing and HR to IT teams. What was once computationally impossible, or prohibitively expensive to do, is now within reach with the use of AI.

According to Gartner, approximately 80 percent of enterprises will have used generative AI (GenAI) APIs or models by 2026. As AI drives value for organizations, it is fueling further demand and adoption.

In our modern digital environment, there is a phenomenal amount of data we can now use to train OpenAI’s ChatGPT and other GenAI models. AI can engage data that lives in the online world more naturally, capturing certain activities and events to provide more information and context. In particular, AI's capability for analyzing disparate data sets, identifying patterns, and predicting trends is extremely valuable for IT leaders.

87 percent of survey respondents are planning to use AI

It is no surprise that in our latest SME IT Trends Report, surveyed organizations were actively planning for AI. In fact, only 13 percent of global organizations said they didn’t have any plans to implement AI initiatives. Well over half of surveyed respondents (61 percent) expect to implement AI initiatives within the next year. 76 percent agreed their organization should be investing in AI, and 63 percent have already developed an AI policy.

However, one of the challenges around AI is how these large language models (LLMs) dig into complex subjects. There is a lot of superficial or incorrect data, and this creates limitations for LLMs. For example, they can only look at data that is available. In other words, LLMs predict the best next word based on what has already been provided. This is great if you want help with anything text-related, however, accuracy and context are critical, because results generated by AI solutions will drive business and security decisions.

Indeed, while AI presents breakthroughs in the ability to process logic differently, it also blurs the lines between humans and machines. This is why identity management is crucial to ensure that organizations can securely connect people to technology.

Why AI is an IAM game-changer

The integration of AI in identity and access management (IAM) is a game-changer for businesses looking to provide a secure and seamless experience to their users. Its capabilities can introduce more accurate, efficient, and adaptable identity management solutions that could make friction-filled, cumbersome identity management a thing of the past. In reality, AI technology has already begun to revolutionize the way that businesses manage identity and access, making it more secure and efficient.

AI in identity management has the potential to resolve a host of issues related to the dynamic nature of identity and user behaviors. For example, the need for more robust security measures, the complexity of managing large datasets, and the requirement for adaptive authentication methods in today's diverse and dynamic work environments.

Therefore, rather than making futile attempts to put the brakes on innovation and restrict AI use, we must harness the power of AI responsibly, without introducing unnecessary risk. With AI still in its infancy, now is the time to ensure the guardrails are in place. Where there is opportunity, there is also threat.

AI could be a weakness in a company’s security

AI solutions are also attracting close attention from threat actors who are realizing that -- while they can be used by companies to identify security weaknesses and address them -- they could themselves be a weakness in a company’s security posture.

To this point, according to a recent Gartner Peers Insights Poll around how software teams are using GenAI, 38 percent of respondents cited issues around cybersecurity, and a similar percentage also cited governance policy problems, while 41 percent said the cost of AI tools was a challenge.

As a plethora of new AI capabilities come to market, there is a need for better oversight and governance of AI. Particularly, as AI systems process vast amounts of sensitive data, organizations must prioritize data privacy and adhere to regulatory requirements. This includes implementing data anonymization techniques, ensuring secure data access protocols, and considering local data processing to minimize the risk of data breaches and ensure compliance with data protection laws.

Put simply, organizations looking to bolster security protocols and improve user experience can’t ignore the complexities of data privacy and ethical considerations. Nor can they ignore the fact that AI can be wrong. An error rate of 15 percent may not look bad on paper, however, when dealing with sensitive data like PII, this could lead to significant financial and reputational damage.

Speed is often prioritized over risk management

AI is intuitive, versatile, and useful. The integration of AI into identity management has the ability to create better IAM solutions. This has the potential to make IT admin teams faster and more productive. However, businesses must caution against trying to make things happen too quickly, which could have a detrimental effect. Therefore, organizations looking to enhance security measures through AI will need to approach new initiatives through a strategic and thoughtful application approach.

The GenAI revolution is different from anything that has come before it. AI is set to change the way we work, to reinvent processes, to create new opportunities and it will change the way IT teams do their work. However, many organizations lack formal governance policies around AI, and this could leave them open to future risk. This is where the intersection between AI and identity is pivotal to securely connect people to technology while enhancing identity management through AI.

Denis Dorval is VP of International EMEA & APAC, JumpCloud.