Skip to main content

The Road To Identity Relationship Management

The Problems With Identity & Access Management

I am never a fan of being the bearer of dramatic bad news - "this industry is dead!", "that standard is dead!", "why are you doing it that way, that is so 2001!".  Processes, industries and technologies appear, evolve and sometimes disappear at their own natural flow.  If a particular problem and the numerous solutions are under discussion, it probably means at some point, those solutions seemed viable.  Hindsight is a wonderful thing.  With respect to identity and access management, I have seen the area evolve quite rapidly in the last 10 years, pretty much the same way as the database market, the antivirus market, the business intelligence market, the GRC market and so on.  They have all changed.  Whether for the better or worse, is open for discussion, but in my opinion that is an irrelevant discussion, as that is the market which exists today.  You either respond to it, or remove yourself from it.



Like most middleware based sectors, identity and access management has become a complex, highly optimized monster.  Tools on top of tools, to help you get the most out of tools you purchased long ago and sit at the bottom of the stack.  Projects are long and complex.  Milestones blurred.  Stakeholders come from different spectrums of the organisation, with differing goals and drivers.  Vendors have consolidated and glued together complex suites of legacy solutions, built on different frameworks and with different goals in mind.  The end result?  A confused customer and a raft of splinter point products that claim to offer speed and cost improvements to existing 'legacy' solutions.


The Modern Enterprise

I blogged recently about the so called 'modern' enterprise, and how it has evolved to include facets from the mobile, social and outsourced worlds.  Organisations have faced tremendous issues since 2008 when it comes to profitability, with shrinking markets, lower revenues and more stringent internal cost savings.  All of which, have placed pressure on identifying new and more effective revenue streams, either from developing new products faster, or by extracting more revenue from existing customers, by leveraging company brand and building better, more online focused relationships.  All of these avenues of change, rely heavily on identity management.  Firstly, by allowing things like online client registration to occur rapidly and seamlessly, right through to allowing new approaches such as mobile and cloud to be integrated into a single revenue focused platform.

The long and winding identity road - image taken by Simon Moffatt, New South Wales, AU. 2011
Gone are the days when identity management was simply focused on managing employee access to the corporate directory and email server.  Organisations are now borderless, with a continually connected workforce.  That workforce is also not simply focused on employees either.  The modern enterprise workforce, will contain contractors, freelancer and even consumers themselves.  Bloggers, reviewers, supporters, promoters, content sharers and affiliates, whilst not on the company payroll, help drive revenue through messaging and interaction.  If a platform exists where their identity can be harnessed, a new more agile go to market approach can be developed.


Scale, Agility and Engagement

But what does this all mean practically?  New widgets, more sprockets and full steam ahead on the agitator!  Well not quite.  It does require a new approach.  Not a revolution but evolution.  Modernity in all levels, seems to mean big.  Big data.  Big pipes.  Big data centres.  Scale is a fundamental component of modern identity.  Scale, too can come in many different flavours.  Numbers yes.  Can you accommodate a million client registrations?  What about the process, flows and user interfaces that will be needed to manage such scale?  Modularity is key here.  A rigid, prescribed system will result in a rigid and prescribed service.  Flexibility and a loosely decoupled approach will allow system and user interface integration in a much more reusable way.  Languages, frameworks and standards are now much less about vendor sponsorship and much more about usability and longevity.  Modern identity is really about improving engagement, not just at the individual level, but also at the object and device level.  Improved engagement will result in better relationships and ultimately more informed decision making.

Ultimately economics is based fundamentally on clear, fully informed decision making, and if a modern enterprise can develop a service to fully inform and engage its client base, new revenue opportunities will sharply follow.





Popular posts from this blog

Top 5 Security Predictions for 2016

It's that time of year again, when the retrospective and predictive blogs come out of the closet, just before the Christmas festivities begin.  This time last year, the 2015 predictions were an interesting selection of both consumer and enterprise challenges, with a focus on:


Customer Identity ManagementThe start of IoT security awarenessReduced Passwords on MobileConsumer PrivacyCloud Single Sign On
In retrospect, a pretty accurate and ongoing list.  Consumer related identity (cIAM) is hot on most organisation's lips, and whilst the password hasn't died (and probably never will) there are more people using things like swipe login and finger print authentication than ever before.

But what will 2016 bring?


Mobile Payments to be Default for Consumers

2015 has seen the rise in things like Apple Pay and Samsung Pay hitting the consumer high street with venom.  Many retail outlets now provide the ability to "tap and pay" using a mobile device, with many banks also offer…

Customer Data: Convenience versus Security

Organisations in both the public and private sector are initiating programmes of work to convert previously physical or offline services, into more digital, on line and automated offerings.  This could include things like automated car tax purchase, through to insurance policy management and electricity meter reading submission and reporting.

Digitization versus Security

This move towards a more on line user experience, brings together several differing forces.  Firstly the driver for end user convenience and service improvement, against the requirements of data security and privacy.  Which should win?  There clearly needs to be a balance of security against service improvement.  Excessive and prohibitive security controls would result in a complex and often poor user experience, ultimately resulting in fewer users.  On the other hand, poorly defined security architectures, lead to data loss, with the impact for personal exposure and brand damage.

Online-ification: The Role of Identity

The Wikipedia entry for Digital Transformation, "refers to the changes associated with the application of digital technology in all aspects of human society".  That is a pretty broad statement.

An increased digital presence however, is being felt across all lines of both public and private sector initiatives, reaching everything from being able to pay your car tax on line, through to being able to order a taxi based on your current location.  This increased focus on the 'online-ification' of services and content, drives a need for a loosely coupled and strong view of an individual or thing based digital identity.