Enterprise identity is changing. While we might have once only talked of employee identity, now we’re increasingly talking about customer and partner identities. Soon - we’re all going to be talking about device identity. Many enterprises have not kept up.
Digital identity has changed but our technology hasn’t
Although enterprises are rapidly undergoing digital transformation, this part of their infrastructure hasn’t accelerated with it, and it’s holding them back.
A few decades ago, enterprise directories managed most of our identity needs. Since then, the number of corporate identities in those stores has grown, but our identity needs have expanded too. The introduction of customer and partner identities have exploded the amount any one enterprise has to deal with and the fast acceleration of the IoT has now introduced the enterprise to device identities.
As the number of enterprise apps has increased, so have new authentication methods and identity tools made their way into already crowded environments. Those legacy tools hold enterprises back by often not allowing integrations with new apps and technologies.
Modern app developers expect to deal with modern identity standards, and in many cases their new apps are delivered to enterprises who do not support those standards and are stuck in a mire of proprietary integration.
Where integration is not possible - new identity and access management tools often have to be built or bought - solving one problem, but further bloating infrastructure.
Enterprises often undergo any number of processes that add to that. Successive acquisitions and mergers add yet more tools, identities, repositories and data - often duplicating the functions of pre-existing infrastructure and creating further drag.
The result is a fractious mess. Directories are left bloated, identities are left in a tangled heap, enterprises find themselves with tools everywhere, but with no one clear way to manage them, and digital transformations are halted in their tracks. Instead of solving identity problems holistically, we’ve perpetuated an endless cycle which treats symptoms but exacerbates the cause.
Users hate it
This arrangement leads to an inconsistent, encumbering, unproductive user experience. They’ll forget passwords; create weak or duplicate ones; they'll break and lose their authentication tokens; and get locked out over and over again. The average employee wastes nearly 11 hours a year entering and resetting passwords. That time could be far better spent actually working.
Tools for a network that no longer exists
As long as enterprise identities are not centrally managed, security will be at risk. Fractious authentication creates an inconsistent security posture and all manner of holes for an attacker to exploit. The reliance on multiple passwords creates more points of failure - all an attacker has to do is guess one of the many passwords a user has to maintain.
Those failures stem from an outdated conception of the network which places too much faith in the perimeter. New technologies and ways of working have effectively rendered the perimeter too inconsistent to police. Concepts like Zero Trust have arisen to replace that antiquated notion and put identity at the center of enterprise security. Security needs to go wherever your people are and legacy identity was not built for that environment.
Halting digital transformation
This makes it harder for enterprises to pursue digital transformation. Old systems often aren’t cloud ready, meaning that organizations can’t extend apps securely into the cloud, frustrating cloud migration.
Organizations will need to find a way to manage device identities. Many organizations are rightly taking advantage of the IoT. Without a clear way to manage the identities of the potential hundreds of devices within an IoT deployment - organizations will struggle to profit from this transformative technology.
Establishing a single source of truth
In order for enterprises to accelerate their digital transformations, remain secure, maintain compliance and provide a consistent, productive user experience - identity and access management must be enshrined as the single source of truth within the enterprise, centralized in an authentication authority.
Doing so will first address the sprawl of unmanaged identities and authentication methods within the enterprise. With an authentication authority, enterprises can discover their local identities and onboard identities from partner and social identity sites - managing them under one platform.
So too will it allow centralized management of new and legacy apps. As long as it is built for open standards, an authentication authority will allow enterprises to develop and bring in new apps using a unified system of authentication which ensures consistency.
"With an established authentication authority in place, enterprises can distribute application onboarding and management using self-service identity and access management to business application teams"
With an established authentication authority in place, enterprises can distribute application onboarding and management using self-service identity and access management to business application teams, relieving burdened IT teams and promoting the agility and speed that businesses demand.
That trickles down into the user experience. The simpler authentication process - which could include single sign-on and password-less authentication options - will cut down on user friction, passwords and most of the security problems and lost productivity that comes with them.
With that fixed - an organization can accelerate their digital transformations. Identities can be integrated into new projects and technologies and the enterprise can more ably move into the cloud.
While enterprises have sped forward, notions of identity have not kept up. The desire for digital transformation is strong and increasingly necessary for businesses.
Although many are moving in that direction, their progress is slowed or sometimes halted by the accumulated baggage of neglected identity infrastructure. Enterprises can catch up by establishing an authentication authority as their objective single source of truth for identity.