ident i ty of an end user through the one device that he or she used: a desktop computer. Even then, identity and access management (IAM) was no simple task: End users were constantly changing jobs, applications, and locations on the internal network, and their identities and access privileges had to follow. Today, IAM is light-years more complex. End users are accessing corporate data from any number of locations, using any number of devices and applications. The onpremises corporate network is now supplemented by any number of cloud networks, and the endpoints and servers are often part of virtual environments, in which the computing may be done on a variety of systems. Enterprise IT departments are only just beginning to wrestle with the Internet of Things (IoT), which could add a whole new array of devices to the end user s portfolio.