I recently started a day with a morning run across the Golden Gate Bridge. It was as inspirational as it was reflective, as I ran from the peninsula of San Francisco over to Marin County. It is these moments in life when epiphanies seem to appear and the future gains focus.
Looking back over the past 12 months, Cloud-based apps lost their "controversial" tag and shifted to mainstream enterprise IT. "Big data" came along and challenged the Cloud as the most debated topic of 2012, primarily driven by the commercialization of Hadoop and other no-SQL data methods that were once only available to big Internet companies.
And finally, “BYOD” rolled off the tongues of all IT executives who found it futile to block the tide of tablet and smartphone adoption. At Ping, we saw these trends first hand as our team was actively involved in planning and implementing Cloud, big data and mobile projects everywhere.
The sleeping giant awakens
While Ping has dedicated years to identity and support of the world’s largest bleeding-edge organizations, we have always believed this technology was the sleeping giant in the overall security category.
And we think it is clear now that these emergent trends - Cloud, big data and mobile - will wake that giant as companies discover authentication and authorization, API gateways, and provisioning tools as the keystones for metering access control, protecting data and managing devices.
Experience tells me that 2013 is the year identity becomes a top-priority project in every IT department taking on the disruption from these major trends.
Bridging the gaps between internal and external
We think the concept of an "identity bridge," which links cloud and on-premises environments into a logical identity infrastructure, will provide one foundation for these projects. Ping began to embrace the identity bridge in 2012, and we are convinced it is imperative for successful hybrid architectures.
Look for identity bridges to add bi-directional support, allowing IT to accommodate partners, contractors and others bringing their own credentials to the enterprise from the cloud. This evolution also will include integration of multiple ID stores that will serve user attributes for further refining identity assurance and access controls on data.
Identity will play a key role as enterprises are pressured to think strategically about application security in the face of API proliferation and the unstoppable force of Bring Your Own Device.
Native mobile apps require security models that protect the device, protect the apps and ultimately protect the data that flows across apps. Identity use cases will anchor provisioning users to devices, authentication flows, and access-revocation especially when devices go missing.
More tests for IT
And there will be other important considerations to process and pilot including efforts to solve the authorization puzzle, aligning social log-ins and network security requirements, and the maturation of new standards most notably for provisioning.
2013 will test IT, security architects, CIOs and CEOs who must broaden access, build trust and lock down security.
In the coming months, the identity industry will begin moving its needle toward a new world of possibilities. And we're really excited to be participating.