User-centric identity comes of age
For many, the thought of employing a fledgling technology as part of an identity initiative is tantamount to writing a resignation. Yet proponents, such as Sxip Identity CEO Dick Hardt, believe the groundswell of vendor support will soon make user-centric federation a viable enterprise play.
“I’d give the industry an A,” Hardt says. “Unlike previous identity technologies, almost every major vendor is participating in user-centric technology in some way.”
As with any technology, user-centric federation faces an uphill battle in terms of gaining widespread enterprise support. More than a matter of industry consolidation and standards development, a technology’s enterprise hope hinges on thorough interoperability testing, trustworthy libraries and tools, and most importantly, products that bring the technology's promise to life.
CardSpace and OpenID have certainly come a long way during the past few years. Yet important steps must be completed before organizations can put them to widespread use. Despite well-baked standards, CardSpace comes up short on functionality such as mobile credentials. More glaringly, OpenID has serious holes that proposed standards aim to fix, but there has been little traction in getting those standards approved.
That is not to say vendors are at a standstill. In fact, interoperability testing is a bright point for both technologies, with interop events taking place multiple times per year to the tune of deep participation from players large and small. Moreover, tools and libraries abound. For enterprises, however, adoption often depends on product selection. Thus, with only a handful of solutions available with CardSpace or OpenID baked in, deployment has been slow.
“There aren’t a lot of pieces you can buy off the shelf. We've done well on [tools for the] identity selector, but tools for identity providers and relying parties are still lagging,” Hardt says.
Technology, of course, is one thing, but buy-in depends largely on winning over top-line minds. Here is where the particular intricacies of identity play a heavy hand in the fate of user-centric federation in the enterprise.
“Identity is a difficult challenge when you consider that a large organization has so many different kinds of relationships -- employees, contractors, partners, and customers -- all spread across regions and geographies,” says Mike Neuenschwander, vice president and research director at Burton Group. “On top of this is the problem of policy -- expressing what the organization requires or expects in each situation.”
To date, much of the motivation behind identity deployments has centered on the bottom line. “Reduced help-desk costs and increased security are driving consciousness around ID in the enterprise,” says Andre Durand, CEO of Ping Identity (Full disclosure: I am on Ping Identity's advisory board).
But as organizations gain experience with user-centric identity, primary considerations such as reducing customer friction and building brand become important.