The BYOD trend has been widely attributed to executives demanding to use their iPhone or iPad as a replacement for the obligatory company-issued Blackberry. This trend has only accelerated as consumer (employee) appetites for better user experience and more functionality have become almost insatiable. The rise of Android has continued to fuel the fire as users now have even more choices for devices with the "cool-factor".
BYOD and the Internet of Things (IoT) is one of the six IT trends that impact identity and can make or break your business strategy. Because each trend is so rich, I've looked at each one individually on a weekly basis. Last week, I covered APIs. Today, let's continue the discussion with BYOD and the IoT.
BYOD is yet another example of how the world in which we live and work is impossible to fence in and secure with a traditional firewall. Managing devices that access your apps and data is one of the critical aspects of any modern security architecture. You can either dictate what devices are used and where they will be located (good luck!), or you can embrace the reality of the ever-connected, always-on, virtual world we live in. And if BYOD is shaking up our world, you had better brace yourself as another 30 billion "things" come online in the next five to ten years.
Although IoT will create a new stratosphere of connected devices, BYOD is representative of the IoT-specific trend in some important ways. For instance, in both IoT and BYOD there is a high level of uncertainty as to the types and locations of connected devices and how they are used to access your applications and data. This uncertainty should give pause as you consider your approach to identity and access management (IAM).
Issues to think about concerning BYOD and IoT include:
Difficulty separating personal data and apps from corporate data and apps on the device.
Inability to predict or control the location of the device.
Limited ability to implement remote administration of the device.
Inability to predict or dictate the operating system of the device.
Difficulty extending current WAM-based single sign-on (SSO) to mobile devices.
Need to manage identities for vast numbers of people and devices.
I could speak to each of these in some detail, but then this blog would rapidly turn into a book. Instead, let's turn to some concepts that are critical to solving the above-mentioned challenges as you architect your next-generation identity solution:
Federated Architecture - As the number of identity sources, applications, service providers and device channels grows, federation is the only way to effectively manage identity and access management (IAM).
Support for Standards - Standards such as SCIM, SAML and OAuth all play a role in supporting security for mobile devices in a scalable manner.
Web, API and Mobile - Most organizations have a traditional IAM stack that handles web applications, but those systems usually fall short when it comes to API and mobile. Adding a proxy/gateway access management system is quickly becoming the solution for the modern IAM infrastructure.
Cloud Centric - IDaaS is more than a passing fad; many organizations are addressing SSO with cloud-based technologies that easily extend to mobile devices.
One company that had a mobile initiative and needed to address the BYOD trend directly was Land O'Lakes. As America's second-largest food and agricultural cooperative, Land O'Lakes has been early to realize that its mobile device security goals were linked to its overall IAM strategy and infrastructure. The company deployed a flexible platform that would meet today's challenges, but would also grow to meet an ever-broadening set of needs in the years to come. Ping Identity was able to provide:
Simple, secure user access for more than 6,500 users
A secure solution that is mobile and scales easily
Increased app usage
Fewer help desk tickets
Please join the conversation! What are your thoughts on BYOD and IoT? How have you handled BYOD at your company? What about IoT? Add your comments below.
Next week's discussion will focus on the Omnichannel, which challenges the enterprise to offer a consistent end-to-end experience on the foundation of an integrated infrastructure that provides rich behavioral insights and a single view of the customer.