IT needs ID-as-a-service for move to cloud, expert says

Summary: Existing IT identity management systems don't provide the fuel to run cloud's motor for privacy, security

Broomfield, Colo. - The cloud’s motor needs identity to run, but existing enterprise ID infrastructures are not fuel for that motor, according to identity expert Kim Cameron.

“In IT, we are still back in 1890; everything is hand-made, handcrafted,” said Cameron, the author of the Seven Laws of Identity and Microsoft’s identity architect. He delivered a keynote Wednesday at the annual Defrag Conference.

Enterprise identity management needs to be more flexible, Cameron said, and it has to align with cloud service architecture, namely the emerging API economy. That economy is characterized by billions of API calls to support services sharing data on a massive scale that stretches across the enterprise and the cloud.

“If organizations want to survive they need breakthrough change,” he said. “The reason the API economy is so huge is the fact there is this new division of labor. The cloud is not about ‘I am going to cut my costs,’ it is a whole new way of producing IT.”

That division of labor allows IT to off-load work to cloud-based services for capabilities such as platforms, applications, storage, identity and other IT functions.

Cameron said enterprises, governments and other organizations that are following consumers into the cloud need different access controls and have different expectations.

“They won’t stand for being molested around privacy the way consumers have been,” said Cameron. “They are going to demand protection of their data and privacy.”

He said identity-management-as-a-service (IDMaaS) will meet those demands.  

Cameron clarified that privacy, in this sense, is not about individuals but about the parties involved in transactions – enterprises, governments and service providers.

“All of them have the right to have confidential data and protect it,” he said.

By way of example, he noted Microsoft’s first attempt at an identity service, which was called Passport. Widely panned, Passport failed because the service did not protect a company’s sensitive data, such as customer lists.

IDMaaS has come of age because the rise of cloud computing is driving enterprises to be leaner and more “fit to purpose,” Cameron said. 

“The functional specialization driving cloud economics needs a new model of identity management that has cloud-era capabilities,” he said.

Cameron said there are two caveats to the success of identity management as a service: trust frameworks are needed, and privacy boundaries have to be as important as security boundaries.

Topics: Cloud, Networking, Security

About

John Fontana is a journalist focusing on access control, identity, privacy and security issues. Currently, he is the Identity Evangelist for strong authentication vendor Yubico, where he writes and edits a blog, directs several social media channels and represents Yubico at the FIDO Alliance. Prior to Yubico, John spent five y...
