INTELLIGENT BRANDS // Enterprise Security
Death to passwords: identity
management in the modern age
With every application tied to a specific identity, digital advances
are making security tighter and access easier, says Deepak Narain,
Regional Presales Manager, MENA, VMware
Who are you? And can you prove it?
These are the two questions your
technology asks you every morning.
And we now have a variety of ways to
answer them: from typing complex,
though hopefully memorable, passwords,
through to scanning our fingerprints
on our phones. Identity management
is a critical part of our IT experience,
protecting our data and ensuring that
our confidential information is kept away
from prying eyes.
When you think about it, business
mobility is also driven by identity. From
managing your calendar, accessing
emails, ordering a taxi or buying food
– each application is tied to a specific
identity, perhaps an IP address, work
profile or social media account. On
our personal devices, authentication
is simplified and built for easy access,
54
INTELLIGENTCIO
often bypassing sign in to favour a
federated identity approach in which all
apps are accessible once the hardware
is initially unlocked.
However, when it comes to
organisational processes – such as
storing customer data, or calculating
payroll financials – this level of security
simply won’t cut it. In order to stay
compliant with industry guidelines,
businesses must place their data behind
more complex barriers as a protection
against external threats. This poses
its own challenges: while users expect
a ‘consumer-simple’ experience,
balancing it with the requisite level of
enterprise security is near impossible.
For users, trying to access organisational
data can seem more trouble than its
worth – requiring VPN access for some
applications; two factor authentication
for others. Productivity slows down,
employees become frustrated and the
benefits of a mobility investment are
quickly eroded.
This is the crux of the issue: tech only
works if the process is understood by
the user – anything else is a failure.
Addressing the issue of identity
management means thinking about two
areas: authentication and security.
Unlocking access
Although written passwords have long
been the preference for security, the
tide is beginning to turn. Once again
consumer demand has been the catalyst
for organisational change; for today’s
technology users, now accustomed
to accessing their mobile devices via
a fingerprint, having to type long
passwords to access their organisation’s
IT seems terribly old fashioned. It is also
www.intelligentcio.com