How Identity & Access Management is Underpinning New Business Models
Sweeping statements are seldom helpful. For instance, it’s all too easy to assert boldly that digital transformation is enabling organisations to redefine their business models. That’s certainly true, but the broad generalisation doesn’t tell you very much – or indeed anything – about what’s happening on the ground across multiple departments and business functions.
Drill down into any sizeable organisation and you’ll find a myriad of IT initiatives and software solutions. Some – say a messaging system or a room booking solution – may be rolled across the enterprise while others will be unique to specific functions, such as accounts, procurement or sales. Bigger projects will probably be sanctioned at board level and form part of a broad strategic plan but in many cases department heads will execute their own shadow IT projects.
What all this points to is increasing complexity in terms of managing access to an ever-increasing array of apps and systems. That is a challenge in itself, but it is one that is compounded by changes in working practices.
Twenty years ago, most employees worked at their desk using a company PC. Today, employees may also be working from home or on the move and, using phones, tablets and personal laptops, depending on their circumstances at any given time.
That’s only part of the picture. In addition to those on the payroll, a great many organisations supplement their workforce with contractors and freelancers, many of whom will be working from remote locations and requiring access to tools. We are very much entering the era of the “distributed” organisation.
Meanwhile, external stakeholders – notably suppliers, customers and business partners – must also be taken into consideration. A supplier may be accessing information on stock levels, shipping status and invoices on a day-to-day basis – again very possibly from a number of different devices and locations. At the other end of the value chain, customers are accessing their accounts to make purchases or manage services.
New Products and Services
All this is undoubtedly positive. IT is fundamentally changing not only the way that businesses work but also how they dynamically engage with customers and suppliers. At the same time, IT is also facilitating the development of new products and services. Indeed, a 2019 survey carried out by KPMG and Harvey Nash for CIO.com found that 44 per cent of businesses planned to radically overhaul their products services and/or business models within three years.
The Access Conundrum
But there is a fundamental question – namely, how does an organisation provide access for those who need it, while ensuring that systems and tools are secure?
And when we look at software, the scale of the challenge becomes apparent. In 2017, the Cloud Software Alliance published research suggesting that the average “enterprise” deploys 464 custom applications. This figure has no doubt increased in the last two years.
In parallel, what we’ve seen over the last ten years or so is an increasingly enthusiastic embrace of Software as a Service (SaaS). Initially, businesses were attracted by the cost-saving and the potential to bring new apps on stream rapidly via platforms operated by Amazon, Google, Microsoft, IBM and others but tended, however, to experiment with non-core applications. That has changed. Today increasing numbers of businesses rely on the cloud to deliver a huge range of internal and externally-facing functions.
So stepping back, organisations are managing access by thousands – possibly hundreds of thousands of internal and external parties – to an array of tools and systems delivered and operated by multiple suppliers.
Squaring The Circle
What is required is an efficient means to identify and authenticate users regardless of device and location.
There is a circle to square here. On the one hand, if users are faced with the prospect of using a number of logins across various apps – and perhaps also running into verification issues when attempting to log in on a range of devices – they may well resist or try to avoid using the tools. This could undermine a digital transformation initiative.
On the other hand, the login system has to be secure enough to prevent malign actors – or even curious members of staff who have no authorisation – from gaining access to a tool or data.
Point solutions aren’t really fit for purpose. That’s why identity and access management platforms have become vital enablers for digital transformation. Essentially, these platforms provide the technology to manage, identify, authenticate and grant access to users across every app and system deployed by enterprises and SMBs alike. The options include a universal sign-on, single sign-on or multi-factor authentication to protect core data.
Businesses across all sectors are using increasing numbers of apps and custom apps to become more agile, deliver new services and streamline their processes. New business and operational models will change organisations for the better. Identity Management is a key enabler.
Whether you’re an app/software developer, architect or the CTO, you’re likely to be involved in decisions concerning access and management (IAM).
Get the BRIEF containing 29 insights that include ‘mistakes to avoid’