It’s time to rethink your identity management strategy


By Mike Vesey, CEO, IdRamp

The public sector has often lagged the market in digital innovation. But when it comes to identity management, it’s now a leader, putting identity management at the center of zero-trust initiatives.

As Carole House, director of cybersecurity and secure digital innovation for the White House National Security Council, said at a recent virtual conference, “Identity is at the heart of any implementation of zero trust.” But is zero trust at the heart of today’s market-dominating business solutions used by the federal government?

We do not think so.

While identity management is supposed to be a solution, it is increasingly becoming a particular headache: it is often difficult to deploy and operate, is too rigid to encompass the diversity of critical business applications, and is not powerful enough to address emerging security approaches such as zero trust and integrate new services.

Worse still, the usual fix for what should already be a solution is to re-platform every few years, in the conviction that this time it will be different. You remain hopeful that it will be completed on time, that it will reduce friction and not aggravate the bad user experience, that it will meet all your business needs and adapt to new services and technologies – and that, in doing all of this, it won’t cost a fortune.

It’s time to stop buying expensive bridges to Failureland. It’s time to shift our perspective on identity management away from what clearly does not work and instead employ technologies that improve the functioning of the systems we have. It’s time to focus on technologies that simplify identity management, can be easily integrated, and provide a path to scale at a pace and cost that meets business and government needs.

This approach is called identity orchestration.

Why more of the same legacy management won’t work

Over the past two decades, digital enterprises have used monolithic centralized and federated platforms to manage identity. Known as “walled gardens,” these platforms absorb, store, and control immense amounts of customer data. As platforms, they are complicated to operate and slow to evolve.

Not surprisingly, an industry of identity providers has created many variations of these systems, all promising to provide newer and better solutions and all competing with each other with essentially the same product features. At the same time, cloud applications are integrating identity management features into their centralized repositories, making digital identity more difficult to manage and protect. Modern businesses now use multiple cloud providers and hundreds, if not thousands, of online services.

A single-platform, centralized identity management strategy is no longer viable. Enterprises must manage many identity management features across many service providers. They must reduce the risk of identity data proliferating across multiple centralized repositories. They need consistent trust policies that deliver a secure and seamless customer experience across all services. Adoption and removal of features and services must keep up with the pace of business. For all these reasons, the era of the centralized, monolithic walled garden is not sustainable.

New versions of the same centralized approaches do not solve the underlying problems of digital identity management: weak security, reliance on centralized storage of personally identifiable information (PII) for verification, and all the confidentiality and consent issues that this creates. They simply add more expensive and complex implementation roadmaps.

Identity Orchestration makes your legacy system work for you

Complex operations, slow migrations, poor user experience, and identity sprawl vulnerabilities can be solved with a simple decentralized identity orchestration strategy. With this approach, an ID orchestration framework is used to quickly add and remove features, personalize the customer experience, and provide consistent trust policies across any range of service providers.

Instead of focusing on a centralized platform with extensive customization, the orchestration strategy focuses on no-code integration and rapid deployment for flexible and secure user experiences. The framework automates complex integration and policy management between service providers to reduce operational costs and increase business speed and security.

Decentralized identity orchestration allows you to easily solve these challenges without the need for platform upgrades or advanced development skills. It automates trust policies and integration between disparate vendors with zero code. It unifies your identity landscape into an agile fabric that lets you quickly design personalized, more secure, and user-friendly user experiences. And, most importantly, it provides a simple and elegant way to easily manage the continuous verification required by zero-trust security approaches.

Adapt now to handle Web 3.0

If walled garden platforms and centralization have failed to address identity issues in Web 2.0, they will struggle to master the massive scaling of identity in Web 3.0 to encompass machines and even non-digital objects. To put it bluntly, Web 3.0 will not be secure without decentralized and portable identities with strong privacy control features.

Orchestration is going to be essential to manage these emerging and rapidly changing digital ecosystems and to secure your business.

The time to build a way to handle all of this is now. The benefit will begin with the end of expensive centralized platforms that cannot provide the protection, flexibility, and privacy we need online today. Decentralized identity orchestration is your smart exit strategy, an exit door from more centralized spending, and a doorway into the future.

About the Author

Mike Vesey is on a mission to deliver transformational digital solutions for the global enterprise. He has developed award-winning products in the areas of unified communications, service operations, security, identity and data management. Mike has deployed complex identity integrations with some of the largest organizations in the world. He is the founder and CEO of IdRamp, providing a decentralized identity platform offering easy-to-implement orchestration, password elimination, verifiable credentials, blockchain ID, and service delivery.

DISCLAIMER: Biometric Update industry overviews are submitted content. The opinions expressed in this article are those of the author and do not necessarily reflect the opinions of Biometric Update.
