The past few years have witnessed a significant increase in the mobility of employees, starting the “Consumerisation of IT” trend that has led to the growing adoption of “Bring Your Own Device” or “BYOD” for tablets and smartphones. This has increased productivity, as mobile users have access to more information and better communication using the devices that they are most comfortable with.
As users have added business apps to access secure data within the workplace, the need to link and manage the appropriate identity has led to the emergence of today’s growing trend of “Bring Your Own Identity” or “BYOI.”
One Device, Multiple Identities
A modern tablet likely will be used for both personal and work activities; therefore, it’s essential to associate each activity with the appropriate digital identity. The IT department needs to ensure that the digital identity used to enable access to these resources is securely linked to the correct person, and that it can disable that access when appropriate. Organisations now realise that users also need a place on the mobile device for personal apps and data that can function concurrently with the work activities.
Beyond Passwords – Stronger Authentication, Less Hassle
It is becoming increasingly apparent that a user name/password is no longer an acceptable level of authentication. Fortunately, the mobile device presents a robust platform for two-factor (or even three-factor) authentication. Virtually every mobile device has one or more secure elements, such as the Universal Integrated Circuit Card (UICC), that can be used to securely store keys and perform cryptographic operations.
How to Implement BYOI
Implementing BYOI requires three steps:
- Ensure that the mobile devices are manageable, either by selecting devices with management capabilities or by using third-party products
- Implement a mobile identity and credential management solution
- Select applications that leverage the credentials
Provisioning and managing identity for BYOI requires a link into the tablet for provisioning and lifecycle management, and at the same time a connection to the appropriate directory, identity and credential management software in the enterprise. A number of existing identity and credential management products have been extended to provide Over-the-Air (OTA) provisioning and lifecycle management. An identity solution for mobile must implement and manage the specific policies of the organisation.
Looking to the Future
Modern operating systems have support for device, application and identity management. Looking forward, the industry can see that the functionality operating systems provide will become richer, delivering enhanced features and better security.
While the focus this year is on managing two identities securely on one device, as the market matures, there will be a trend to support additional identities, each with its own perimeter. A person might have a second job, or want to use a suite of healthcare apps that link securely to their healthcare provider. In each of these cases, the device holder will want to enable a set of apps to use a strongly authenticated identity that is separate from others.