Rezonate platform tackles the evolving challenges of Identity and Access Management (IAM) by unifying identity and security across cloud, SaaS, and on-premises environments. This integrated approach redefines identity management for modern needs. In this show, Roy Akerman, CEO of Rezonate, discusses the outdated nature of traditional IAM practices, and what sets Rezonate apart from other solutions. Akerman goes on to talk about the transformative role of automation and AI in streamlining identity management, highlights notable use cases, and shares the company’s plans for the future.

Navigating identity management challenges in the cloud era

• Akerman shares Rezonate’s founding story and the specific identity management issues it aims to address in cloud and SaaS environments.
• The shift to cloud and SaaS models has acted as a catalyst for fragmented identity security, creating “silos” where user and machine identities are separated and managed differently, leading to vulnerabilities.
• Akerman highlights the growing complexity in identity management, explaining that security controls are often dispersed across layers like cloud providers and SaaS applications, which makes centralized identity protection challenging.
• Akerman emphasizes the importance of developing a “unified identity fabric” that not only integrates IAM across platforms but also incorporates security measures to strengthen identity and access protocols.

Examining the root causes of broken identity management systems (IMS)

• Akerman goes into the causes of fragmented identity management, explaining that it’s a mix of factors such as cloud complexity, immature practices, and “duct-taped” solutions. However, Akerman believes it points to a larger trend of companies shifting from merely managing access to securing it, and often overlooking a holistic strategy.
• Many organizations unknowingly build a “digital fabric” by adding permissions without full security oversight, leading to a kind of security debt that accumulates risk over time.
• Akerman highlights that even smaller organizations, if they use extensive cloud or SaaS applications, can end up with millions of identities they cannot track, escalating compliance risks and increasing their exposure to potential threats.

Identifying the risks and growing awareness in Identity Management

• Akerman elaborates on the specific risks associated with flawed identity management, introducing the concept of “zombie accounts”, inactive accounts that linger without being monitored, which attackers can exploit due to their lack of security oversight.
• While awareness of identity risks is growing among organizations, Akerman feels that the ability to enforce comprehensive security practices across platforms remains a significant challenge.
• Akerman explains how these zombie accounts, often overlooked and unmonitored, become vulnerable entry points for attackers to access critical data and systems, posing severe threats to organizational security.

Addressing the cultural and organizational barriers in Identity Management

• Akerman believes that identity management is largely a cultural issue since traditional identity practices are often not aligned with the distributed, rapid-paced nature of cloud and SaaS environments.
• Akerman elaborates saying that the processes for managing security and access have not adapted to the fundamental changes introduced by cloud computing, resulting in outdated practices.
• Akerman calls for a cultural shift within organizations to prioritize security in identity management, advocating for security integration as a core part of identity processes rather than a mere afterthought.

How Rezonate’s approach goes beyond basic IAM

• Akerman questions the idea that identity management has been fully addressed, pointing to data that reveals many security breaches stem from misconfigured or unmanaged identities.
• Rezonate’s focus is to create a holistic perspective of identities across various platforms, allowing clients to manage both human and machine identities effectively.
• Akerman emphasizes that Rezonate’s platform goes beyond basic IAM by aggregating identity information across cloud and SaaS environments, providing a unified view that aids in monitoring and controlling access end-to-end.

How Rezonate’s platform integrates with existing tools and processes

• Rezonate integrates with existing tools that organizations already rely on to manage identity and security, enriching them by adding essential context, allowing security teams to prioritize risks and understand the scope and usage of specific permissions.
• Akerman provides an example where Rezonate aids in investigating alerts from other vendors, using its platform to provide context on user access patterns, which aids in faster, informed decision-making.
• Akerman underscores that Rezonate centralizes visibility around access review and compliance, helping streamline identity processes, reduce redundant work, and improve security workflows.

Rezonate’s adoption and growth in the market

• Akerman shares that Rezonate has achieved strong adoption, particularly among IAM vendors and managed service providers (MSPs) who use the platform to enhance their own offerings.
• Akerman explains that Rezonate invests in community education through resources like detailed guides, which have seen significant engagement and downloads among users seeking identity management insights.
• Akerman mentions successful deployments at companies like TX Group and Football TV, where Rezonate’s tools enabled rapid identification of identity-related risks, helping them bolster access security.

Managing the impact of non-human identities on security

• Akerman explains that non-human identities, such as service accounts and machine identities, are often granted extensive permissions and, if not managed well, can create significant security risks.
• Akerman highlights a growing recognition of the need for secure management of machine identities, as they can be exploited if left unchecked, just as human accounts are.
• Akerman predicts that managing non-human identities will become a priority, eventually integrating with IAM systems, to provide a unified, security-conscious approach to identity control.

The role of automation and AI in Identity Management at scale

• Akerman talks about the role of automation and artificial intelligence (AI) in managing identity at scale, explaining that they are essential, enabling quick responses, and being able to handle the vast volume of identities across platforms.
• Akerman describes how AI aids in tasks like provisioning, refining access controls, and detecting anomalies in user behavior, which significantly enhances identity management efficiency.
• Rezonate is exploring generative AI to simplify complex access-related queries, allowing teams to access information without needing deep technical knowledge, thus improving productivity.

Looking ahead: Rezonate’s plans and three core focuses

• Akerman talks about Rezonate’s goals for the end of the year and beyond, outlining the company’s three major focus areas: developing a unified platform for managing all identity types, extending security for SaaS applications, and implementing risk-based access mechanisms.
• The unified platform will provide seamless management and visibility across both cloud and on-premises environments, which is key to supporting complex, hybrid setups.
• Akerman anticipates that organizations, especially those implementing zero trust, will adopt risk-based access, where AI-driven systems determine access based on real-time security insights, elevating security and control.

Guest: Roy Akerman
Company: Rezonate
Show: Let’s Talk

This summary was written by Emily Nicholls.