Security Market Segment LS
Thursday, 25 May 2017 15:32

Identity is core to digital experience


Being able to identify employees and customers is not only necessary for security reasons, it is central to providing good digital experiences.

"The right to be anonymous is definitely important," said Ping Identity chief technology officer Patrick Harding, but it can be overwhelmed by the efforts of marketing departments. Without government regulation, organisations have no incentive to preserve privacy.

One example of government intervention is the EU's General Data Protection Regulation (GDPR) which, Harding noted, mandates user consent and includes the "right to be forgotten" even when the relevant data must be retained for compliance with other laws or regulations.

Ping's technology can help organisations comply with such rules by governing access to user profile data in a policy-based way.

"User consent is becoming a more and more important paradigm that organisations are going to have to adhere to," Harding said.

While many people are concerned about privacy, identity is central to providing a good user experience, he suggested. It also allows an organisation to gain a single view of its customers.

Customer identity and access management (IAM) is a relatively new part of Ping's business, which has traditionally focused on enterprise IAM.

The growing use of SaaS and mobile apps has made IAM more complex, said Harding, but the widespread adoption of smartphones in recent years has made multi-factor authentication more acceptable. People didn't like using security tokens, but "employees love it" if you implement authentication via push notifications to their phones. So, he suggests that it's time to reconsider multi-factor authentication if you're not currently using it.

However, there are many edge cases where smartphones aren't the (whole) answer. Some people choose not to use smartphones, others do not want to use their personal phone for any work purpose, and some workplaces have banned the use of mobile phones.

Workarounds include delivering one-time passwords via applications running on computers rather than phones, or via emails to corporate addresses. This is "not as good a user experience" but shows that the issues can be worked around.

Harding said there was a need to integrate physical and logical security credentials, for example, by using a building access badge as part of the log-in process. Proximity-aware devices such as badges would be convenient, he said, especially in situations such as a kiosk shared by hospital staff because they would not need to keep logging in and out. "That's the vision of where we need to get to," he said.

It is also possible to combine information from different sources to help confirm a person's identity. For example, there is reason to be suspicious if the access control system puts them in one place but their smartphone is somewhere else, so further authentication would be appropriate. And the more sensitive the systems being accessed, the more rigorous authentication is needed.

Yet there is a particular problem with making the smartphone too central to the authentication process: "if you lose your smartphone, you're kinda hosed," Harding said.


You cannot afford to miss this Dell Webinar.

With Windows 7 support ending 14th January 2020, its time to start looking at your options.

This can have significant impacts on your organisation but also presents organisations with an opportunity to fundamentally rethink the way users work.

The Details

When: Thursday, September 26, 2019
Presenter: Dell Technologies
Location: Your Computer


QLD, VIC, NSW, ACT & TAS: 11:00 am
SA, NT: 10:30 am
WA: 9:00 am NZ: 1:00 pm

Register and find out all the details you need to know below.



iTWire can help you promote your company, services, and products.


Advertise on the iTWire News Site / Website

Advertise in the iTWire UPDATE / Newsletter

Promote your message via iTWire Sponsored Content/News

Guest Opinion for Home Page exposure

Contact Andrew on 0412 390 000 or email [email protected]


Stephen Withers

joomla visitors

Stephen Withers is one of Australia¹s most experienced IT journalists, having begun his career in the days of 8-bit 'microcomputers'. He covers the gamut from gadgets to enterprise systems. In previous lives he has been an academic, a systems programmer, an IT support manager, and an online services manager. Stephen holds an honours degree in Management Sciences and a PhD in Industrial and Business Studies.



Recent Comments