Tom Kemp, Contributor
Cloud, Mobile and Social are clearly top of mind with Information Technology (“IT”) professionals today. These “Big Three” are being driven by the “consumerization” of technology trend — Bring Your Own Devices (“BYOD”) for mobile, Bring Your Own Apps (“BYOA”) for cloud and Software-as-a-Service apps, and the desire for users to better collaborate à la Facebook and other social networks but within corporate boundaries — with end users rather than corporate IT driving adoption of all three. Increasingly the key linchpin for cloud, mobile and social is identity, and this consumerization trend may eventually lead to a Bring Your Own Identity (“BYOI”) trend within corporate IT itself.
As I discussed in a previous blog post on the “consumerization” of IT trend, this trend has spread beyond end users BYO-ing their devices to end users and departments BYO-ing Applications in the form of deployments of Salesforce.com, Box.net, Marketo, Google Apps, etc. as well as business-oriented social networking apps such as Yammer, Lithium and Jive. And these same users and departments are even BYO-ing Servers (“BYOS”) by independently spinning up servers outside the firewall on Amazon and Rackspace. The net net is that this consumerization/BYO trend is altering the economics of enterprise IT by shifting IT assets from inside the firewall to the cloud, meaning that IT departments are now a hybrid of on-premise and off-premise resources. Analyst groups such as Securosis refer to this as the “de-perimeterization” of IT.
This shift is also expanding the use of IT within organizations. Historically IT has primarily been about automating the white collar worker’s desk circa 1970 (think of the classic “inbox” and “outbox” on a white collar worker’s desk becoming digitized via an email system, typewriters being replaced by PCs running Microsoft Office, etc.). But now with the consumerization/BYO phenomenon, IT services are further expanding to all users within an organization. Many users who historically may not have had computing devices (e.g. nurses, retail sales, etc.) are now being given access to devices and applications to drive new productivity. Analyst Peter Christy at the Internet Research Group refers to this as an inversion of enterprise IT from an application-centric to a people-centric structure, where the emphasis historically for IT was on core business systems with today’s focus being on people and making them more productive and collaborative.
Besides the growing trend of end users’ devices not actually being owned by their employer but by the users themselves, the growth of multi-tenanted SaaS platforms and the deployment of social networks for enterprises means that more and more back-end applications accessed by users are not owned or licensed by the IT organization, but rented on a subscription basis by the user’s department, or, in the case of file sharing sites, by the end users themselves. The end result of this rapid adoption of cloud and mobile platforms is that more IT resources are not only physically moving outside the firewall but are also outside the visibility, management and even ownership of IT and the employer.
Regardless of where the devices and applications reside, and who owns them, IT organizations still require controls over these resources that are accessing and/or storing corporate data consistent with security and compliance best practices. One key aspect of these controls is that IT organizations must manage users’ digital identities and the corresponding roles and rights those identities have across mobile devices, servers and applications — i.e. IT still must manage who can access what business apps — even though they no longer own the endpoints or back-end resources. In other words, IT may not own the devices and apps their users are using, but they must own and own up to identity.
Managing identity is hard to do in a traditional data center comprised of heterogeneous systems and applications. But now throw into this mix the additional identity silos introduced with new cloud and mobile and social platforms, and it becomes even more difficult to ensure critical IT compliance and security tasks such as de-provisioning user access, running compliance reports and managing privileged user access are easily and fully implemented.
Another significant challenge arising from the adoption of cloud and mobile platforms is the increasing burden on end users to keep up with all the URLs and passwords they need to remember to do their jobs. I blogged about this previously in a post entitled the Problems with Passwords. Having a plethora of logins with differing password strengths, the frequent re-use of passwords, etc. clearly leads to security and risk issues. Having additional logins also leads to additional burdens (and costs) on the helpdesk regarding lost or forgotten passwords. At the same time end users are demanding ease-of-use and self-service to applications from their preferred computers, tablets and smartphones that may stretch what IT can deliver.
The end result means identity sits squarely at the intersection of cloud, mobile and social. IT organizations must now recognize that managing identity is one of the top security challenges they now face in a de-perimeterized and people-centric IT world. And in managing the identity problem they face the balancing act of enabling user access from the device and location of the user’s choice while addressing security and compliance risk concerns. Addressing this may take more careful thought and planning than the traditional security tasks of deploying anti-virus or deploying firewalls on an IT network.
Besides identity rising in significance in a cloud, mobile and social world, the traditional concept of identity is going to change and will itself be radically transformed by those three forces. For example, in the past a user could be simply identified by their User ID (i.e. username / password). But in today’s day and age, identity should also be about a user’s location, the devices and apps they use, etc. — e.g. don’t allow this person to log in if they are outside of this location or using a different device, etc. In addition, identity itself will increasingly become a service (“cloud identity” or “Identity as a Service” aka “IDaaS”) where identity “bridges” in the cloud talk to on-premise directories or the directories themselves move and/or are located in the cloud.
And as I noted in a prior blog on smartphones solving the password problem, mobile devices themselves may help solve identity problems and act as a proxy for a user’s identity, and can provide a higher level of security than traditional single-factor authentication of username and password.
Finally, there will be an increasing movement to accept end users’ social credentials (e.g. a user’s Gmail login or Facebook account) as the means to log in to corporate applications. This means that it is very likely IT will soon have to deal not only with BYOD, BYOA, etc. but also with “BYOI” — Bring Your Own Identity, a trend that analysts such as Ian Glazer at Gartner are touting. The end result is that the arc caused by consumerization of IT that dramatically elevates the significance of identity will itself transform identity.
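As an added illustration (not part of the original post and not any vendor's API), the sketch below shows the kind of context-aware login check described above: a correct password is necessary but not sufficient, and the attempt is refused when it comes from outside the user's allowed network ranges or from a device that is not registered to them. The `AccessPolicy` and `LoginAttempt` structures, the reason strings and the sample users, address ranges and device IDs are all assumptions constructed for the example.

```python
import ipaddress
from dataclasses import dataclass

@dataclass
class AccessPolicy:
    """Per-user context rules (hypothetical structure for this example)."""
    allowed_networks: list      # CIDR ranges the user may sign in from
    registered_devices: set     # device IDs enrolled for this user

@dataclass
class LoginAttempt:
    username: str
    password_ok: bool           # outcome of the ordinary username/password check
    source_ip: str
    device_id: str

# Constructed sample policy; addresses are from documentation ranges.
POLICIES = {"alice": AccessPolicy(["203.0.113.0/24"], {"laptop-01", "phone-07"})}

def evaluate_login(attempt, policies):
    """Return (allowed, reasons); any unknown or malformed input fails closed."""
    reasons = []
    if not attempt.password_ok:
        reasons.append("bad_credentials")
    policy = policies.get(attempt.username)
    if policy is None:
        # No context rules on file: deny rather than fall back to password only.
        reasons.append("no_policy_for_user")
        return False, reasons
    try:
        ip = ipaddress.ip_address(attempt.source_ip)
        in_location = any(ip in ipaddress.ip_network(net)
                          for net in policy.allowed_networks)
    except ValueError:
        in_location = False     # unparsable address or range counts as outside
    if not in_location:
        reasons.append("outside_allowed_location")
    if attempt.device_id not in policy.registered_devices:
        reasons.append("unregistered_device")
    return (not reasons), reasons

if __name__ == "__main__":
    for a in (LoginAttempt("alice", True, "203.0.113.25", "laptop-01"),
              LoginAttempt("alice", True, "198.51.100.7", "laptop-01"),
              LoginAttempt("alice", True, "203.0.113.25", "tablet-99")):
        print(a.source_ip, a.device_id, evaluate_login(a, POLICIES))
```

Returning the list of failed conditions, rather than a bare yes/no, gives the compliance reports and helpdesk a record of why each attempt was refused.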