The era of identity-based applications 

Identity and access management (IAM) has always been a heavy burden for large organizations. Why? Multiple folks across companies—business people, software developers, IT operations, human resources, security, compliance auditors, etc.— play some role across the IAM spectrum.9 ways to bend Windows 10 to your will Customize Windows 10 to your liking, not theirs.READ NOWAs a result of this IAM group hug, technology decisions tend to be made tactically without any central oversight or integrated strategy. But this behavior may be changing. According to ESG research, 49 percent of large organizations claim they now have a formal enterprise-wide strategy in which IAM technology decisions are managed by central IT. In other words, someone in IT is now responsible and accountable for all IAM technology.+ Also on Network World: Security requirements are driving identity management +OK, that’s a good start, but these decisions are often driven by the need to streamline IT operations—a valid objective, but not nearly enough. In my humble opinion, we’ve entered the “me generation” of computing where most business applications should be designed and customized for identity. Identity-based applications can then be used to improve business processes and security.I realize I’m not the first person to write on this topic, but allow me to elaborate on some of my thoughts:1. Everything that touches the network must have a detailed identity. To some extent, this has been happening for years, but we need more than IP/MAC addresses or user name and password. The more identity attributes we have, the richer the identity experience. This is true for consumers (think Amazon and Google) and devices as well. If I know that an unmanaged device on the network hasn’t been patched in 6 months, I can deny network access or route the patient to a remediation VLAN. Oh and by the way, this is especially critical for making IoT applications productive and secure. Vendors such as Aruba (HP), Bradford Networks, Cisco, ForeScout, Pulse and Vidder will all play here.

Source: The era of identity-based applications | Network World

Be Sociable, Share!

Leave a Reply

Your email address will not be published. Required fields are marked *