The Convergence of Identity and Mobility

I just got back from the Gartner IAM Summit in Las Vegas. As always, it was a great summit chockfull of impressive speakers, informative content and valuable networking opportunities. In many of the sessions that I attended, a common theme was the convergence of identity and mobility. It was great to hear Gartner validating what we at Centrify have believed for quite some time.

In fact, we were the first to deliver an integrated Identity-as-a-Service (IDaaS) and Enterprise Mobility Management (EMM) service back in 2012. Back then IDaaS and EMM were very distinct markets addressing different customer problems. So, why did we go out on what appeared to be a limb back then?

Because we firmly believed that any identity solution worth it’s salt would need to secure the user and the mobile device. Mobile is essential for identity management, and identity management is essential for mobile.

Why Mobile and Identity Go Hand in Hand

handsThere was a time when enterprise IT had control of the desktop PCs and laptops that their workforce used. They knew what applications were installed, and all the corporate data was protected behind the firewall, much like a bank vault. Secure access was very much about answering the question “Who are you?” If I could provide the right credentials, I was granted access.

But with the advent of cloud applications and infrastructure, mobile devices and ubiquitous connectivity, IT is losing (some would argue that IT has already lost) its perimeter security. You see, in today’s cloud-enabled and mobile world, work happens everywhere — not only within the four walls of the organization. It happens on personally owned mobile devices and Macs that connect to cloud applications like Office 365, Salesforce and Dropbox from any network.

This digital workplace introduces more risk with untrusted devices, cloud apps and networks. It also requires a change in how we protect information. Identity and access are no longer simply about who the user is, but also about what cloud apps she’s accessing and from what device she’s accessing this data.

Today, it’s about identity — of the user and the device. Secure access requires context, or what Gartner refers to as “contextual trust.” And guess what? Mobile provides the data to enable contextual trust or context-based authentication:

  • Is this a known device ID or a managed device?
  • Is it configured to comply with external and/or internal security policy?
  • Does the device have the proper certificates?
  • Where is it a located?

Mobile and Identity Strengthen Security and Improve User Experience

That’s right. I said strengthens security and improves the user experience. When was the last time you heard those two things together?  Security and user experience are generally considered diametrically opposing forces, like the Empire and Rebel Alliance in the legendary Star Wars saga.

egjudnzumti_o_luke-skywalker-vs-darth-vader

Stronger security generally means a more cumbersome user experience that spurs users to circumvent the very security IT put in place. But when we combine mobile and identity, IT can evaluate credentials and context. That means stronger security because access decisions are smarter. It also means a better user experience because access becomes more seamless, allowing users to get to the right resources at the right time.

Managing the Mobile and Identity Convergence

As the workplace gets more mobile and cloud-driven, how can you and your organization take advantage of the mobile and identity merger? Here’re three recommendations from the conference that really struck a chord with me:

  1. Authenticate the user and the device whenever possible. Mobile devices are woven into the fabric of business (and daily) life. According to a recent Cisco report, the number of connected mobile devices now surpasses the number of people on Earth. Most employees use multiple mobile devices for work. Rob Smith, Research Director with Gartner’s Mobile and Client Computing team, uses eight! With so many devices potentially connecting to corporate resources, it’s vital to authenticate the device as well as the user.
  2. Implement contextual or adaptive authentication. Mobile devices provide indispensable data that establishes context needed for smarter access controls. Context-based policy and access bolster security by helping ensure access is granted to only trusted devices. At the same time, it provides a better user experience by enabling easier access to get work done.
  3. Reduce cost and complexity by consolidating vendors. There’s no question that IAM and EMM are converging, but not all mobile and identity solutions are created equal. The key is to evaluate whether your IAM and EMM vendors have enough functionality in both mobile and identity to allow for consolidation. (more on this in an upcoming blog) At Centrify, we recommend customers use our integrated EMM capabilities in parallel with their existing EMM to determine if it will meet all of their required use cases. We’ve already helped several customers save money by replacing an existing EMM with Centrify Identity Service.

Centrify is at the forefront of the mobile and identity convergence. I invite you to learn more about how we can help your organization take advantage of mobile and identity to strengthen security and improve user experience.