Lessons from Identiverse 2025: Smarter Access, Stronger Outcomes

Amy Koczera, Global Public Relations Manager, Imprivata

Image of Imprivata team at Identiverse booth

Amid the headlines around machine identities and AI agents at Identiverse 2025, another well-known security practice garnered attention: access management. In presentations and conversations throughout the week, access management received refreshed attention as a strategic enabler of productivity, interoperability, and organizational performance.

In fast-paced, shared device environments like healthcare and manufacturing, the ability to log in quickly and securely is necessary for mission-critical work. At Identiverse, we heard from IT and security leaders who are keeping up with the demands of these environments by leveraging smarter access management solutions to drive business outcomes while enhancing security, compliance, and productivity.

Here are some of our highlights from the event.

Smarter access that enables productivity

A recurring theme was the shift away from traditional logins toward passwordless access, single sign-on (SSO), and multifactor authentication (MFA) solutions that prioritize usability and security. These tools have proven effective in helping organizations eliminate login delays, reduce credential fatigue and disruption, and deliver frictionless and secure access across teams and devices—with organizations saving an average of 45 minutes per user, per shift.

In fast-paced workflows like healthcare, where gaining access to information can be life-critical, "You can't force people to type a 32-character password [on a mobile device],” said Chip Hughes, Chief Product Officer at Imprivata, in an interview with Adrian Sanabria on the Security Weekly podcast, emphasizing the importance of the security these passwords provide, but suggesting the traditional login approach can be counterproductive in these complex environments.

Logins can waste precious time and lead to workarounds that introduce more gaps. Thanks to personal mobile devices, people are used to passwordless authentication—so when that same experience isn’t reflected in the workplace, it can easily lead to frustration and friction.

Whether on a shared mobile device or desktop computer, fast and reliable access is needed to keep workflows moving and maximize the value of technology. It’s what enables organizations to deliver measurable improvements in productivity while strengthening cybersecurity postures which many perceive as a tradeoff…but it doesn’t have to be.

“We’re trying to eliminate that decision and make it really easy for our customers,” said Chip. By making passwordless authentication possible on any device or system—legacy, on-prem, or cloud based—organizations can strike that balance between security and compliance, without compromise.

Access as an operational advantage

Shared device environments are often hybrid ecosystems, made up of legacy and on-prem technologies that are heavily relied on to keep operations running, while cloud and SaaS based systems are also utilized. But ensuring access management solutions are integrated with all these systems can be difficult, especially because many were built for cloud environments.

However, at Identiverse, Chip explained in his session “Share Devices, Not Data” how organizations can utilize smarter access management solutions to solve that challenge. By leveraging solutions like Imprivata Enterprise Access Management, tailored to work across legacy and cloud technologies, organizations can adopt secure access as the connective tissue between infrastructure, systems, and users.

Photo of interview at Identiverse

This level of interoperability is essential in healthcare, where workflows span electronic health records (EHRs), communication platforms, and third-party tools. But it’s just as relevant in manufacturing, retail, and government sectors, where users rely on multiple apps and systems throughout their shift and in their workplace, requiring fine-grained access controls and security mechanisms to ensure data is kept safe and consistently accessible

As organizations face IT talent shortages and stringent cybersecurity budgets, many are being forced to do more with less, making it critical to optimize existing technologies.

“We’re really focused on how we can provide secure access in a cost-efficient way,” said Chip. Whether by sharing devices and implementing a shared device access management strategy, or by optimizing data to identify gaps and slowdowns in processes, strategic access management is being embraced as a tool to drive measurable ROI, with productivity gains from streamlined user access resulting in $3.9M in savings annually, in some cases.

Real-time, adaptive access for a complex threat landscape

Beyond enhancing productivity, themes at Identiverse also focused on preparing for the growing complexity of enterprise risk and zero trust models. As organizations embrace automation, AI, and cloud-scale operations, they must manage a rapidly expanding web of access points, not just for employees, but also for non-human identities, privileged users, and third-party vendors.

Sessions explored how emerging threats, fueled by the ease of exploitation via generative AI and the proliferation of unmanaged machine accounts, are making it easier than ever for attackers to compromise systems through misconfigured, inadequate, or over-permissioned access.

This shift underscores the growing need for privileged access management (PAM) and vendor privileged access management (VPAM) strategies that can deliver real-time visibility, dynamic provisioning, and context-aware enforcement across internal and external user populations.

In a Zero Trust world, trust must be earned continuously, not only for frontline users on shared devices, but also for contractors, IT admins, and suppliers performing autonomous tasks. That’s why organizations are now looking to extend their access strategies beyond traditional identity and access management (IAM), layering in controls that support:

  • Credential-per-task enforcement
  • Granular role- and risk-based access permissions
  • Session auditing and behavioral monitoring for privileged users
  • Secure vendor onboarding and access governance
  • Just-in-time access for high-risk systems
  • Control mapping and privacy compliance

When done right, these capabilities mitigate cyberattacks, strengthen oversight, and empower teams to enable secure productivity at scale without slowing down mission-critical operations.

Access as a strategic business enabler

At Identiverse 2025, access management was recognized as a strategic enabler of workforce productivity and technology performance, not just a security layer. When organizations unify fragmented systems and optimize workflows with trust and visibility, they reduce support costs and empower their teams.

By delivering secure access that is cost-effective, frictionless, and adaptive, organizations can support critical care workflows, mitigate risk across privileged and vendor access, and drive smarter, data-informed decisions—proving that smarter access management is a foundational layer of operational success.

Photo of Imprivata booth activity at Identiverse Photo of Imprivata booth activity at Identiverse Photo of Imprivata booth activity at Identiverse

To learn more about how to implement smarter access management strategies at your organization, download our passwordless whitepaper.