The marriage of identity yin and security yang
April 07, 2009 (Cnet)
Jon Oltsik, a senior analyst at the Enterprise Strategy Group, wrote an article that was published in CNET News discussing IT security. He used the phrase 'identity yin and security yang' to discuss the marriage of identity and security.
Mr. Oltsik wrote that security folks think of identity in terms of authentication issues like password management, role-based access controls, or biometrics. But other aspects of identity like user provisioning, fine-grained entitlement management, and single sign-on usually live elsewhere in IT. When network access was restricted to internal employees, this division made sense, but identity and security can no longer remain apart. The marriage of these two IT disciplines will take place for a simple reason--identity and security must work together to enable modern business processes.
Mr. Oltsik continued to describe identity by writing that identity is all about who gets access to applications and data so in theory, strong identity skills let organizations get users more productive sooner than the competition. Think of identity management as the magical formula to unleash Metcalf's Law. More users come with a cost, however--a greater number of security threats from hackers, malicious code attacks, and data breaches. Thus IT executives must balance their ability to let users into the network with proportional safeguards to keep bad things from happening.
In concluding, Mr. Oltsik stated that social networking, the consumerization of IT, Web 2.0, or any other market-speak term you want, it is all about information sharing, collaboration, and business process improvement. IT must create an environment where users can access what they need and come and go as they please as long as they add business value while they are around. Public and private sector organizations headed down this path had better have their identity yin and security yang working together in harmony or they will either hold back the business or greatly increase security risk.
YOUnite's patented technology offers a unique solution to the growing problem of identity data security and access through the notion of "distributed sharing of personal identity attributes". By applying YOUnite's patented technology, for example, an individual or company could allow access of sensitive data to a third party without having to transfer that sensitive data to the third party's network. Moreover, the individual or company could selectively share any pieces of data with any specific entity on an individual and granular basis.
YOUnite's patented technology can increase identity data security and accuracy in an efficient and cost effective way, thereby solving the issue of the 'identity yin and security yang' discussed in the article by Jon Oltsik and raised by many IT professionals and CIOs.
For more information, please visit our website and while you're there, read through our Resources Section for specific Use Cases and White Papers.