Identity as the New Perimeter: Enabling Zero Trust through Modern IAM
DOI:
https://doi.org/10.70917/ijcisim-2026-3156Keywords:
Zero Trust Architecture (ZTA), Identity and Access Management (IAM), Identity Governance, Conditional Access, Microsoft Entra ID, SailPoint IdentityIQ, Lifecycle Automation, Role-Based Access Control (RBAC), Risk-Adaptive Authentication, Segregation of Duties (SoD), Zero Trust Maturity, Cybersecurity Governance, Access Control FrameworkAbstract
The gradual loss in value of the traditional network perimeters is sending organizations to look elsewhere for an identity-centric approach. Modern enterprises require modern methods of access control; however, traditional static access control has made it impossible to effectively mitigate cyber threats that are constantly changing as organizations move to hybrid infrastructures and employees increasingly work from anywhere. A solution to this problem is a pattern where Identity and Access Management (IAM) systems act as the bootstrapping enabling layer for Zero Trust Architecture (ZTA). Continuous Identity validation, Contextual Policy enforcement as well other non-real time access control are integrated with SailPoint (For Identity Governance) and Microsoft Entra ID solution(for Real-time Access Enforcement). It focuses on lifecycle automation, risk-adaptive access decisions, and policy-driven compliance. In an enterprise case study, a 95% access certification completion rate was achieved, alongside a reduction of over 70% in manual deprovisioning tasks. Evaluation metrics and architectural components were aligned with leading standards, including NIST SP 800-207, ISO 27001, and Gartner’s IGA maturity model. Through this model, identity has been positioned as the strategic control plane for modern enterprise security in Zero Trust environments.