Agility has become one of the key success factors for organizations, which have to re-define their business models – and invent new ones – quickly. Time-to-market in many industries today is what makes the difference between success and failure. Agility drives business demand to IT.
Enabling the agile, connected business requires new concepts for Information Security. This new ABC (Agile Business: Connected) concept for both business management and Information Security means re-thinking how organizations manage access to their corporate information. This has to happen consistently, regardless of where information resides: Cloud or on-premise. This has to work for all types of users, not only the employees, but also business partners and customers.
The new ABC for Information Security: How to Support the New Types of Businesses � and Why
Agility is a key capability of successful organizations. Agility is the ability to quickly adapt the organization and the business model to new customer demands, innovations, and a changing competitive landscape.
We live in a time where virtually all business relies on IT. Whether this is retail, finance, or life sciences – business requires IT. The consequence is, that IT has to support business agility. No IT agility = no business agility.
One of the biggest changes we are currently observing is the evolution from stand-alone to connected businesses. New collaborative business models, tighter and more flexible integration of customers and business partners, and the upcoming IoEE (Internet of Everything and Everyone) are driving the evolution of businesses.
Cloud Computing, Mobile Computing, and Social Computing, the so-called “Computing Troika”, are already consequences of the business demand for agile and connected IT.
The challenge in this evolution is finding the balance between the business demand for agility and connectivity on the one hand and the IT and Information Security requirements on the other. Information Security can no longer think in terms of perimeters, devices, and system security. Martin Kuppinger will talk about business demands, opportunities and what to do in IT in general and Information Security in particular to support the business perfectly well.
The new ABC and the role of Cloud IAM
Secure access to Cloud services, on-boarding of external partners, access to collaborative industry networks and business partner applications: Securely enabling the “Computing Troika” of Cloud, Mobile and Social Computing is a must for any organization. Managing the identities and their access is a cornerstone therein. Is Cloud IAM the only answer on that challenge? What does it then need in Cloud IAM? How to integrate with the IAM you run on premises? And what else does it need for supporting the new ABC? Is this about an “API Economy”? And how to then secure machine-to-machine communication? Many questions. The panelists will provide answers.
Identity Relationship Management: From IAM to IRM
Identity and Access Management (IAM) services were traditionally built for a company’s internal use, to assist with manual on and off boarding, and establishing access privileges to company data and systems behind the firewall. Today though, a company must implement a dynamic IAM solution that serves employees, customers, partners and devices, regardless of location. This is the evolution of IAM to IRM: Identity Relationship Management.
As more and more people, devices, and “things” are assigned identities across networks, IRM services that are simple, flexible, scalable and designed to quickly verify identities and access privileges, become imperative for any business to safely and efficiently engage with their customers. Today’s solutions must link devices–laptops, phones, touchpads, cars–and new mobile and social apps to a single security platform that works all the time, everywhere, on premises or off in the cloud. This is the standard that customers, citizens, and students expect, and CIOs and their businesses, (as well as governments and universities), must identify vendors that can provide it because these methods of consumer engagement directly drive revenue. Customers might deposit checks from their phone, order a service through a cloud app, or make a purchase from a laptop that recognizes their identity, and shares the right information with the vendor.
As consumers look for and expect more ways to engage with businesses, companies are making the shift from the closed, protective world of IAM to the open, evolving, and confidently secure IRM universe. This is because identity and access management tools are a necessity for managing trust relationships with parties inside and outside of a company – relationships that are now tied directly to the business’ top line.
Identity Challenges for the Extended Enterprise
The Open Group´s “Open Platform 3.0” initiative focuses on the collective business and IT implications of current, disruptive technology developments such as Cloud, Social Media, Enterprise Mobility, Big Data and the Internet of Things (the list is not exhaustive). When several of these technologies are deployed by multiple collaborating enterprises, using products from different suppliers (as is increasingly the case), the need for effective communication and standards is clear. The Open Group has established a new Forum to carry this work forward.
Identity, not merely for access management purposes is clearly going to be a key enabling factor, whilst at the same time obvious issues for privacy and information protection arise. In this presentation we´ll present the Forum´s perspective on the requirements and on how they can be met, but our interest is not merely to provide information. We want to engage domain experts and others with concerns or opinions in discussion about both the available standards and what needs to be developed. This session is therefore intended to be interactive. We hope to gain input from the participants that will contribute to the solution.