Identity Management as an Emergent Ecosystem (part 1)
“The concept of an “identity as an emergent eco system” is that identity will not be a supporting process that will be tacked on to support the business process, it will be a central driving force that will act as a ”carrier wave” that will be central to delivering Cloud Services”
Identity management is an important technology due to its role in maintaining communication channels, automating business processes and providing information security services.
Identity management has historically been seen as an enabling technology that enhances productivity, communications, and security. The key role it typically fulfills is in the automation of many of the day to day mundane activities such as:
These tasks area are effective in improving communications, providing single sign-on services (password sync), request based access, role-based access control to organization resources.
Identity management infrastructure is what enables businesses and individuals to connect with the resources they need and to support the creation and ongoing maintenance of vibrant and secure communities.
However, the advent of the Cloud with SaaS (software as a service), Cloud App Providers have driven many organizations to rely on critical services and data that reside outside of the organization’s “walls”. This push is driven by the competitive nature of the market place, this “market place push” or drive fueled by the need for these service that the core IT doesn’t have the capacity to provide.
The SaaS Cloud App market place is truly compelling in terms or diversity, creativity and efficiencies that are not obtainable by traditional methods.
The "cloud services" where organization must turn to for creative solutions and services if they are going to compete effectively in today’s marketplace. These services also provide the organization greater capability to tap into and empower an increasing distributed and “on demand” workforce.
The competitive nature of the market place has in many cases driven individual business units to become consumers of these services regardless of whether the core IT can provide the necessary identity management services to protect the organization data, accounts and control employee access to SaaS or Cloud App data.
This “spring forward” acquisition of cloud services by the business units in the organization also controls the cloud service account’s internal business unit to acquire cloud service independently of the core. This “Spring Forward” approach to cloud service acquisition can also create a confusing, disjointed and fragmented approach to acquiring cloud Services, for example it’s not uncommon for organization to have multiple salesforce.com organizations.
This independent acquisition of services not only creates uncertainty around the security status of those services (Proper Account Controls) it also make it extremely difficult to make effective use of the organization’s accumulated cloud application data.
|
Proper account control, in general, references the capability of the organization to efficiently and effectively control the status of any account. For example you wouldn’t want to leave an account open for a separated or disgruntled employee.
|
This type of situation creates independent silos of information and creates challenges to keeping the data consistent and enabling timely access.
This approach can make it access the necessary services and data on an opportunity frustrating, time consuming, and confusing for the employee. Consider that the employees will have to remember 2 or more sets of credentials just to retrieve information and provide updates on any particular opportunity.
One very real take way from this conversation is that the cloud app or Saas based services are not only here to stay, but will be continuously evolving, and new services and technologies will be constantly emerging and re inventing themselves to remain relevant in the marketplace.
Part two will address how these cloud security challenges will bring forth a new opportunity for Identity Management to augment its role, and how SCIM (Simple Cloud Identity Management) will help address some of these issue.
Related Articles:
Real Life Identity Management Challenges and Solutions
Identity Management and the SMB: Using Scale Out IDM to Start Now
Original photo by king nikochan on Flickr