Wp Sec Quocirca Digital Identities

download Wp Sec Quocirca Digital Identities

of 37

  • date post

    03-Apr-2018
  • Category

    Documents

  • view

    214
  • download

    0

Embed Size (px)

Transcript of Wp Sec Quocirca Digital Identities

  • 7/28/2019 Wp Sec Quocirca Digital Identities

    1/37

    Digital identities and the open business

  • 7/28/2019 Wp Sec Quocirca Digital Identities

    2/37

    Identity and access management as a driver for business growth

    C:\Users\Bob\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Outlook\GRCSXTGE\Bob CA IAM 2.jpg

    February 2013

    Identity and access management (IAM) systems are today used by the majority ofEuropean enterprises. Many of these are still installed on-premise but increasingly theyare being supplemented by the use of on-demand IAM services (IAMaaS). The overalluptake represents a big increase from when Quocirca last surveyed the market in20091.

    Whilst IAM is important for managing the access rights of increasingly mobileemployees, three other major drivers have encouraged businesses to invest despite thetight economic conditions: the opening up of more and more applications to externalusers, the growing use of cloud based services and the rise of social media. Theultimateaim with all three is to nurture new business processes, thereby finding and exploitingnew opportunities.

    This report presents new research into the use and benefits of IAM and the relationshipit has with these three drivers. The research is based on over three hundred interviewswith senior IT managers in medium sized to large organisations in a range of businesssectors across Europe. The report should be of interest to anyone wanting to betterserve all types of users, whilst still keeping control over applications and dat

  • 7/28/2019 Wp Sec Quocirca Digital Identities

    3/37

    a.

    Bob Tarzey

    Quocirca Ltd

    Tel : +44 7900 275517

    Email: bob.tarzey@quocirca.com

    Rob Bamforth

    Quocirca Ltd

    Tel: +44 7802 175796

    Email: rob.bamforth@quocirca.com

  • 7/28/2019 Wp Sec Quocirca Digital Identities

    4/37

    Digital identities and the open business

    Identity and access management as a driver for business growth

    Effective identity and access management (IAM) is seen as an essential tool forenabling open interaction between a businessand its users, be they consumers, employees or users that are employees of otherbusinesses, such as partners or customers.

    Many businesses now havemore external users thaninternal ones

    The majority of businesses now open up at least some of their applications to external users,with 58% saying they transact directly with users from other businesses and/or consumers.The scale of the business processes they are running that require this will often mean thenumber of external users exceeds internal ones. This has led to a rise in the uptake of IAMsystems with advanced capabilities to handle multiple types of users.

    Advanced IAM also helpsorganisations embracecloud services and socialmedia

    97% of organisations that are enthusiastic about cloud-based services have deployed IAM ingeneral and 65% are using IAM-as-a-service (IAMaaS); only 26% of cloud avoidersuse anyform of IAM. The single-sign-on (SSO) capability of such services acts as a brok

    er and acentral place to enforce usage policy between users and both on-premise and on-demandapplications. Many businesses also recognise the value of social media, with thetopmotivation being to identify and communicate with potential customers.

    Deployment of IAM hasincreased markedly in thelast three years

    When Quocirca last researched the IAM market in 20091, 25% had some form of IAMin

    place, with 52% saying it was planned although, for many, those plans were delayed.However, regardless of the ensuing tight economic conditions, 70% have now deployed IAM.For 27% this is a totally on-premise system, however, 22% have already chosen touse a pureon-demand system, whilst 21% have a hybrid deployment.

    The number of sources ofidentity is extending well

  • 7/28/2019 Wp Sec Quocirca Digital Identities

    5/37

    beyond in-house directories

    Active Directory is the most widely used primary source of identity for employees (68% ofrespondents). For users from customer and partner organisations the most commonsourcesof identity are their own directories (1112%). Secondary sources include the membershiplists of professional bodies, for example legal and medical practitioners (78%) andgovernment databases (23%). 12% use social media as a primary source of identityforconsumers, 9% say it is secondary. These fairly low use rates of alternative sources suggestan untapped business opportunity, perhaps because currently deployed IAM tools do notfacilitate it.

    IAM eases a number ofmanagement challenges

    The top IT management challenge eased by IAM is the enforcement and management o

    faccess policy. However, it is also about improving the user experience by providing easyfederated access to multiple applications and enabling user self-service. Whilstthere aremany benefits for businesses to be gained from effective IAM it seems likely that ITdepartments are under-selling these benefits.

    The benefits of IAMaaS, inparticular, are widelyrecognised

    The potential of IAMaaS is widely recognised even by those with pure on-premiseIAMdeployments. Lower management and ownership costs along with improved employeeproductivity top the list, with ease of integrating external users not far behind. Those whomake extensive use of cloud-based services are especially likely to recognise the benefits ofIAM in general and select IAMaaS in particular.

    Conclusions

    Having an identity and access management system in place is now seen as an imperative by many businesses to achieving a widerange of IT and business goals. Those organisations that lack effective IAM arelikely to lag behind their competitors in many areas

  • 7/28/2019 Wp Sec Quocirca Digital Identities

    6/37

    as more and more business-to-business (B2B) and business-to-consumer (B2C) transactions move online, cloud services becomethe mainstream source of IT applications and services for many businesses and social media takes centre stage as a source ofidentity.

  • 7/28/2019 Wp Sec Quocirca Digital Identities

    7/37

    Introduction identity as the new perimeter

    Identity and access management (IAM) is all about abusiness authenticating and understanding its users.This includes its employees, but also the growingnumber of external users that a given business allows toaccess its applications (Figure 1), both those installedon-premise and those that are subscribed to as on-demand services. Identity and access management(IAM) systems are increasingly being seen as the bridgebetween users and applications; either of which can beinside or outside of the firewall that has traditionallybeen the boundary of a given organisations IT systems.This has led to the concept of the identity perimeter2.

    Some organisations say they no longer even have office-based employees, with all employees being consideredas mobile (just 8% said they had only office-basedusers). However, the biggest change is the degree to

    which consumers and the employees of customerorganisations are being given access; 58% of thebusinesses surveyed have now opened up applicationsto users from customer organisations, consumers orboth (the figure of 58% is derived by adding togetherthe numbers for those who interact with consumers andthose that interact with users of customer organisationsand subtracting from the total those who say theyinteract with both). The main motivator is to transactdirectly with these external users online (Figure 2).

    IAM is also about making sure all users have convenientaccess to the resources they require, whilst maintainingappropriate levels of security and privacy and ensuringcompliance requirements can be met. It is not about thecreation and storage of identities per se. As this reportwill go on to show, effective IAM enables the federateduse of a wide range of existing sources of identity. It alsoprovides the balance between opening applications upto mobile and external users whilst making sure thoseapplications, and the data to which they provide access,is appropriately protected.

    The degree of transaction with external users varies bysector. With growth in use of online banking, financialservices organisations are the most likely to beinteracting with consumers, with 54% already doing so,along with government organisations, 49% of which arealready transacting online with citizens. Telcos (asservice providers) lead when it comes to directinteraction with users in business customerorganisations with 48% doing so already, with

  • 7/28/2019 Wp Sec Quocirca Digital Identities

    8/37

    manufacturers coming in second at 42% with their

  • 7/28/2019 Wp Sec Quocirca Digital Identities

    9/37

    complex supply chains. The profile of interaction islikely to change over time as the benefit of directinteraction is increasingly recognised and more andmore products and services are sold directly.

    Beyond the opening up of applications to externalusers, there are two other major drivers for IAM.

    First, there is the increasing acceptance and take upof cloud services (Figure 3). The researchunambiguously shows that those organisations thatare making wide use of cloud services have alsoinvested in IAM (see later section on IAMaaS). Themain reasons for this are that IAM eases the wayaccess to cloud-based services is granted and revokedand once a user has logged on once they can be givenimmediate access to multiple cloud services.

    Second is the rising use of social media (Figure 4), which can help businesses to better understand customerpreferences and improve the overall customer experience. Many think there is huge business potential here;however, the number one reason for working with