Identity Relationship Management


Identity Relationship Management (IRM) solutions that are able to satisfy the business needs of an organization and the new values of the CIO will shape the future of Identity And Access Management

Identity Relationship Management is a Kantara Initiative about working with Identity Relations

The shift to Cloud computing, Social Networks, mobile Devices, and Software as a Service is revolutionizing the enterprise, and Identity and Access Management needs to evolve to help businesses capture new opportunities without worrying about the associated complexities that are a result of this change.

Identity Relationship Management Concept#

Do, or should, we value a Digital Identity or is the value within the Identity Relation between the two Identities that is of value?

The Problem#

Even though many organizational Entity believe it is their duty to create their own IAM services that ask users to create personalized log-ins, as well as to share more and more data. However, by doing so, these organizations introduce higher degrees of information risk.

Why do organizations create their own IAM systems? #

There are many answers to this question: perhaps they believe that a strong perimeter is the only way to be secure and the collection of personal data may prove to be a valuable resource that is waiting to be prioritized, or because they may have not completed an internal risk assessment to identify and measure the risk of holding and managing personal data against the potential profits.

This shift in business emphasis has a direct technical impact on how we think about Identity and Access Management. Through this shift we have come to value:

INTERNET SCALE over enterprise scale#

Today’s users access secure systems not just on premises, but in the cloud and via the Internet, any time, day or night. Today’s users are not just employees logging on at work but also partners, customers, and devices signing in from anywhere. As the number of users grows exponentially, modern IRM systems must be able to accommodate hundreds, thousands, or even millions of additional identities instantaneously, achieving a scalable volume that was neither possible nor needed for the enterprise, but is essential in an Internet-connected, consumer-facing world.

DYNAMIC INTELLIGENCE over static intelligence#

Traditional Identity And Access Management was designed for a specific set of events – employee on and off-boarding, for example, taking place in a predictable on premises work environment. Today’s Identity Relationship Management must understand the circumstances in order to determine whether or not you get access, and if so, how much and to what? If you log in from a new device or from a different country, for example, a modern, adaptable Identity Relationship Management system will adjust to the uncertain circumstances and ask you for additional authentication beyond a simple password.

BORDERLESS over perimeter#

Once upon a time, employees arrived at the office, logged into secure systems and logged back off at the end of the day. In today’s work-from-anywhere culture, employees, as well as partners and customers need access from laptops, phones, tablets and even cars. They access secure data stored not only on company premises, but also in the cloud and hosted by Software as a service providers.

MODULAR over Monolithic Architecture#

Today’s Identity Relationship Management demands are much more complex than those of traditional Identity And Access Management. A good Identity Relationship Management solution is designed from the ground up as an integrated, cohesive stack that is purpose-built to handle complexity. Traditional Identity And Access Management, typically built piecemeal through acquisitions and tacking on parts as needs arise, struggles to respond to the multitude of users, circumstances, devices, access points, and access privileges that dominate today’s Identity Relationship Management world.

Three Digital Identity Framworks#

More Information#

There might be more information for this subject on one of the following: