Digital B2B Requires Updated IAM

Over the past 30 years businesses have been evolving toward managed services for their Information Technology deployment and operations. The terms ‘off-shoring’ and ‘outsourcing’ became analogous with perceived cost savings, scalability (up and down), and operational expensing (“OpEx”) for corporate tax purposes. Managing these Business-to-Business (B2B) partnerships effectively and securely requires new thinking when it comes to Identity and Access Management (IAM).

This dramatic sea change in how businesses manage their IT infrastructure introduces IAM challenges centered on external people/processes/things needing access to mission critical internal IT systems. Often, managed service providers (MSPs) require highly privileged access rights to deploy, configure, update and monitor IT environments from thousands of miles away. This challenge exists for enterprise IAM enablement of a broad range of vendors – not just MSPs. Network appliance and security vendors, participants in the company’s supply chain, even Human Resources and payroll services often require access to sensitive corporate systems, often from outside the traditional enterprise network security perimeter.

A range of approaches to this conundrum have been adopted over the ensuing 20 years or so, but in reality, no resounding ‘best practices’ for B2B integration have emerged. This report investigates more nascent B2B IAM approaches that may finally lead to the establishment a solid foundation for B2B integration that enables better information security and less IAM integration friction.