Security industry enters new era driven by a shift in the use of trusted identities (part one)
A shift in the use of identity technology is leading to increased adoption of mobile devices and the latest smart card technology, a greater emphasis and reliance on the cloud, and a radical new way of thinking about trust in smart environments and the Internet of Things (IoT). Initiated more than a decade ago with the move to smart cards that carry digital identities inside microprocessor chips, this shift in thinking about identity has precipitated the move from legacy systems to NFC, Bluetooth Low Energy (BLE) and advanced smart card technology to meet the evolving needs of organisations and governments worldwide.
Moving forward, organisations will use a broader range of smart devices than ever before, extending beyond cards to mobile phones and wearables, while enabling users to do much more than simply open doors in an increasingly connected world. This will directly impact how customers view and use trusted identities on both mobile devices and smart cards, for more activities and in more connected environments in the years ahead. Trusted access and other physical and on-line interactions will become more personal, contextual and valuable, as everything comes together through unified, more fraud-resistant end-to-end identity and access management systems.
Changes in the use of trusted identities impact facilities in many ways, including improving the user experience and yielding better ways to establish, create, use and manage secure credentials. They also create new options to deploy hybrid on-premises and cloud solutions for access control – and to tie people, assets and processes to the Internet of Trusted Things (IoTT). Trust will become increasingly important, along with a focus on biometrics for conveniently and reliably associating digital identities exclusively with the true identity of the person claiming to own them.
Improving the user experience
A consumerisation of security will lead to heightened demand for using phones, wearables or smart cards to open doors and login to cloud resources, not to mention enabling personalised on-demand printing of documents and many other building services in the connected office. Trusted identities that integrate security, privacy and convenience will provide a new level of assurance to these applications and transactions, while making secure access more personalised to the individual. Developments will impact how users discover, purchase and enjoy commercial services and experiences.
The industry will also look towards complete identity relationship management that considers the need to grant access based on the context of their needs within smart environments. This will pave the way for the virtual equivalent of a personal building assistant, continuously anticipating needs while delivering secure and seamless access to doors, IT systems, networks, data and services.
These and other changes will have a dramatic impact on everyday activities for businesses and consumers. In the enterprise, new capabilities for managing and using trusted IDs will be driven by the increase of temporary offices, mobile knowledge workers and the evolution of tomorrow’s more connected workplace, where adapting to the preferences of today’s talent pool is driving the need for more open, flexible workspaces. ‘Distributed work’ models that combine independent workspace, social interaction and formal/informal collaboration in the office space will need a more seamless secure access experience. When breakthrough technologies allow management of identity across the organisation, there can be a universal approach to identity that connects disparate systems and assists in achieving regulatory compliance mandates.
Trusted IDs beyond the enterprise
Trusted identities will become an embedded feature of more use cases rather than simply an add-on capability. The trend of ‘security by design’ will lead to many more convenient approaches to using digital identities across a growing variety of activities, services and industries. Consumers will see trusted identities used in scenarios such as guaranteeing authorised use of corporate and heavy machinery fleets, as well as creating new ways to safeguard students and validate drivers. Indeed, as digital identity technology becomes an embedded feature in wearables, there is the opportunity for it to pervade virtually all aspects of daily life. Digital identity will become the key that opens every door, connects us to cloud-based applications and services, and controls our environment at home, and where we work, shop, learn and play.
A simpler, more efficient approach
Cloud-based solutions for IT access management (e.g., Microsoft Azure) are well-established and widely used, and there is now a growing interest in using cloud-based solutions for physical access control and ID management, as well. These systems could cover the full identity lifecycle, from the printing of badges or issuing of cards or mobile credentials, through to system management and assigning access rights.
Credential issuance for physical ID cards will also experience a digital transformation, as the use of cloud technologies will enable service-focused models for badge printing and encoding. Cloud-based models for ID badge issuance will feature the security of end-to-end encryption and provide the choice of on-premise or cloud models for card personalisation. This will transform the user experience and operational management of ID badge printing, reduce costs, eliminate capex outlay, simplify system maintenance, and improve security as compared to on-premises solutions
Facilities are also recognising the interdependencies of technologies and platforms needed for business agility, cost management and providing a better user experience within a mobile workforce, or for digital commerce and relationship management that continues to require more reach, flexibility, and security.
To support these technology interdependencies, breakthrough advances will allow identity management across the organisation and connect multiple platforms for a unified approach that delivers a single, comprehensive security view. This model will make it easier for administrators to deploy and maintain an integrated system, plus help lower total cost of ownership. It also supports extending strong authentication from the desktop to the door, and other advanced security such as digital signing, full disk encryption and boot protection.
A good example of this can be illustrated in a connected healthcare environment. Across the healthcare continuum from hospital to home, identity technologies will simplify all aspects of healthcare operations, from opening hospital doors, accessing healthcare records and e-prescribing to how healthcare professionals interact with patients and log their activities. Hospitals will explore leveraging their e-prescribing architectures for other valuable capabilities such as authenticating to VPNs and enabling remote access using credentials, key fobs, mobile smartphones and other smart devices and on-time password (OTP) tokens.
Look out for the concluding part to this article on FM next week.
This article is written by Steve Katanas, director of sales, South Asia Pacific at HID Global.
Image copyright (lead): jippu2498 / 123RF Stock Photo
Image copyright (in-text): flynt / 123RF Stock Photo