Why Centralized Identity Management is important and how to get there - PART I

Author: Natarajan Sennappan

14 December 2020

IT departments of many small or medium enterprises have been maintaining multiple identity solutions for their various products due to custom business requirements since their start-up days. Those solutions might be a combination of the below:

  • Forms-based Authentication
  • AD Authentication
  • Custom Centralised Identity solution

This series of blogs will focus on why centralised identity management is important for your enterprise by ensuring that you have:

  • Realised the consequences, challenges and lost opportunities - Part 1
  • Performed the required assessments in an effort to consolidate your identity solutions - Part 2
  • Chosen the identity solution that fits your enterprise - Part 3
  • Established a steady path towards migrating your applications and users - Part 4

In this part, I will explain the significant consequences, challenges and lost opportunities of having multiple identity systems for your applications or products.

Violating Data Protection Regulations around the world

Being aware of the data protection regulations around the world is very important, especially those that apply where your enterprise operates and provides services. These regulations demand that users' personal information be protected from accidental leakage and shared with the user on request (in most cases). Hence organisations should store only the required and relevant user data.

Fig.2

Generally, every enterprise must have a dedicated security officer to uphold these regulations. When multiple applications each have their own way of identifying and authorising the user, it becomes very difficult for the security officer to audit and maintain regulatory compliance. It is not just difficult for the security officer; it is even more painful for the enterprise, which has to spend valuable time and money to ensure that it doesn't violate any regulations.

Out-of-date and non-standard Identity solutions

During the early 2000s, enterprise standards such as SAML and WD-FS prevailed; they were intended to be used within the work environment of your organisation.

Between 2000 and 2010, many start-up companies used to put their energy towards bringing their products to the market quickly. In the process, they failed to give much attention to the standards and best practices for authentication and authorisation of their application users.

Fig.1

As an outcome, many different custom and non-standard authentication and authorisation solutions were developed, which eventually became out-dated by 2010, given the evolution of OAuth (originally released in 2010, with OAuth 2.0 released in 2012).

Over the past two decades, multiple open standards of authentication and authorisation have evolved. This picture explains the evolution of the Open Standards.

Hence it is important to get rid of the out-dated solutions, because they add to your existing technical debt. Also, you don't want to fall behind your competitors when you are putting so much effort into integrating third-party vendor solutions.

Inconsistent sign-in experience for users

By maintaining multiple identity solutions for various applications in your enterprise, you are not doing justice to your valuable customers. From the users' perspective, they are forced to maintain multiple credentials to access your products. This results in a bad and inconsistent user experience.

Denying unified view for your sales team over managing user accounts

In addition to providing inconsistent experiences to the users, it also becomes an overhead for your sales team in handling the redundant accounts of users, clients, etc. It forces your sales team to manually consolidate user accounts across different products, which makes it difficult:

  • To manage the life cycle of users efficiently across different applications.
  • To improve the effectiveness of on-boarding your existing users to new services.
  • To identify cross-selling opportunities.

Delays your progress towards sharing services securely within organizations

In order to provide innovative and value-added services to its customers, any enterprise will look to share services internally to develop new products, but in a secure manner. Service authorisation becomes critical when a service must be consumed by trusted parties only and denied to anyone else. Each different authorisation technique requires its own effort to configure, integrate and test.

To be continued...

In Part 2, we will see how to perform an assessment of your identity solutions against industry-standard protocols.
