Who are you? And can you prove it? These are the two questions your technology asks you every morning. And we now have a variety of ways to answer them: from typing complex, though hopefully memorable, passwords, through to scanning our finger prints on our phones.
Identity management is a critical part of our IT experience, protecting our data and ensuring that our confidential information is kept away from prying eyes. When you think about it, business mobility is also driven by identity. From managing your calendar, accessing emails, ordering a taxi or buying food – each application is tied to a specific identity, perhaps an IP address, work profile or social media account. On our personal devices authentication is simplified and built for easy access, often bypassing sign-in to favor a federated identity approach in which all apps are accessible once the hardware is initially unlocked.
However, when it comes to organizational processes – such as storing customer data, or calculating payroll financials – this level of security simply won’t cut it. In order to stay compliant with industry guidelines, businesses must place their data behind more complex barriers as a protection against external threats. This poses its own challenges: while users expect a ‘consumer-simple’ experience, balancing it with the requisite level of enterprise security is near impossible. For users, trying to access organizational data can seem more trouble than its worth – requiring VPN access for some applications; two factor authentications for others. Productivity slows down, employees become frustrated and the benefits of a mobility investment are quickly eroded.
This is the crux of the issue: tech only works if the process is understood by user – anything else is a failure. Addressing the issue of identity management means thinking about two areas: authentication and security.
Unlocking Access
Although written passwords have long been the preference for security, the tide is beginning to turn. Once again consumer demand has been the catalyst for organizational change; for today’s technology users, now accustomed to accessing their mobile devices via a fingerprint, having to type long passwords to access their organization’s IT seems terribly old fashioned. Part of the emerging advancements in biometric security, thumbprints are also accompanied by retinal scanning as well as facial and body language recognition. All this means that while data will be stored securely, access will be easier than ever.
Bringing it to the Business
Identity management will always be crucial, and biometric authentication is just one method that we will see organizations using in the future. There are, however, other software-driven systems – such as key-stroke tracking – which can bridge the gap and help change an organization’s culture in preparation for a more fluid and dynamic IT system. While the enthusiasm and desire for improved accessibility may be there, the technical know-how is not always present. With many organizations operating with legacy infrastructure, it can be a challenge to bring newer technologies into the IT estate. Businesses need a technology partner that can help them bridge this gap.
In the cloud era, identity management needs single sign-on so that IT can continue to manage the one-to-many relationship between a user’s corporate identity and all the other identities they carry across the cloud in both SaaS and Mobile Apps. When a user arrives, or more importantly leaves a job, access should be granted or revoked immediately. And for time strapped IT departments, this should be streamlined and automated, eliminating the manual – and error-prone –ticket processes typically used to provision and de-provision users.
The old world of perimeter defense is dead, now a CIO will find that their organization’s applications and information are everywhere, both inside and outside the walls of the data center. At its heart, modern identity management is about understanding and controlling the sprawl of data and applications. For employees, it is about having an access to an identity that is ‘consumer simple, enterprise secure’; an online version of themselves that the organization’s infrastructure will recognize and let into the system quickly.
You know who you are, so should your business.
