Browse archive

Latest news

Experts highlight top data breach vulnerabilities

Commission wants to minimize U.S. IP theft economic impact

NYPD detective accused of hiring email hackers

Why BYOx is the next big concern of CISOs

Free tool repairs critical Windows configuration vulnerabilities

Guantanamo cuts off Wi-Fi access due to OpGTMO

IT pros focus on cloud security, not hype

Blue Coat to acquire Solera Networks

APT1 is back, attacks many of the initial U.S. corporate targets

Aurora attackers were looking for Google's surveillance database

U.S. DOJ accuses journalist of espionage

Find TrueCrypt and BitLocker encrypted containers and images

The CSO perspective on healthcare security and compliance

Hacking charge stations for electric cars

Separating single sign-on myths from fact

by Geoff Webb - Director of Solution Strategy at NetIQ - Tuesday, 26 February 2013.

Social identity allows organizations to engage with users with the least amount of friction, at the lowest cost, and with minimal management burden. It also allows a business to grant more access to more people with less overhead and management headache, and therefore, provides an organization with SSO functionality to access public-facing web services. Therefore, SSO and social identity are complementary concepts that organizations can use to enable frictionless access to anything, from anywhere from any device, based upon an individual’s identity.

BYOI and the way forward

When we look at how things are evolving and changing with the consumerization of IT, it is likely that we are going to have to continue to assess how to utilize both SSO and social identity frameworks support business objectives.

We want to achieve verifiable identity based upon unique identities, within the given context of what those identities are seeking to access, from where, when and with what device. Therefore, social identity may provide the first step in authenticating an individual, but would need to be part of a process of secure and scalable authentication.

It may be that it is all that is required to access some services, or be part of a multi-factor authentication approach to really verify identity in order to access other, more sensitive data.

As social identity becomes more ubiquitous, we are already entering the era of “Bring Your Own Identity” (BYOI), where user identity is decoupled from traditional control, while businesses have the ability to rapidly provision, deprovision and manage individual access of data across public and private cloud services.

For CIOs that can get past these entrenched myths, and apply SSO in light of today’s disruptive IT trends, such as cloud, consumerization of IT, mobile and of course, social Identity, SSO’s long track record as a proven technology and solution offers additional layers of protection to existing identity and access solutions for comprehensive access authentication that circumvents the weakest link – humans who have challenges remembering dozens of user names and passwords. Perhaps most importantly, it strengthens today’s move towards far more comprehensive data protection measures to meet business and compliance demands.