6 tips to manage security of digital identity
Published on 03/05/2018 in News
Security is evolving. “Security is not focused on the perimeter, but on the user,” says Wouter. “Until recently, identity management was often rather fragmented, whereas what is needed is a holistic approach.”
6 tips from Wouter Vandenbussche, Product Manager Identity at Proximus for successful Identity management.
- The three commandments: who, what, where
Companies like Google and Facebook are probably the biggest managers of identity-related data. Yet it serves little purpose. A government service will never allow a citizen to register simply using his Facebook ID. This is due to the three commandments of identity management: authentication (being certain who it is), authorization (giving that person the appropriate rights and privileges) and audit (knowing what has happened to the data).
- Expansion of privileged account security
Organizations currently often only take limited measures when it comes to privileged account security, or the specific protection of accounts that have access to confidential data. In fact, a general and broader solution is needed to cover identity management for staff, suppliers, customers, citizens ... depending, each time, on their particular role when using the application concerned.
- Avoid a silo perspective
An organization must not consider its approach to identity management purely from a IT-technical perspective. It is just as likely that other departments are concerned: human resources, supply chain, manufacturing, not to mention marketing and customer. It is important that they are also involved in the strategic choices in handling digital identity.
- Adoption is key
A platform will not work if nobody uses it. A platform will be successful if it covers at least 60 to 70% of all transactions in the short term. So it is essential for users to embrace the platform. It is not recommended to work with a big bang, as an agile approach tends to be more successful.
- Interface is essential
A user-friendly interface increases the speed at which the platform is adopted. If the solution is perceived as being too strict then users may start to show resistance. End-users expect an efficient interface, which includes mobile devices.
- Long-term work
Identity management is not a project but a program. Once the platform has been implemented it is essential for monitoring and evolution to continue. Identity management is a long-term matter. An organization must never stop thinking about how it wishes to stay connected with its clients, staff and suppliers.
Innovate Identity, a British company, explains the how’s and why’s.
Read how minister Alexander De Croo explains why Belgium is not behind on digital transformation.