In an increasingly digitised and distributed business world — with hybrid clouds, multi-clouds, and remote work more and more normalised — identity management is no joke. The productivity of your employees and the profitability of your interactions with customers relies heavily on getting it right. Many businesses don’t.
When someone comes knocking at the gateway to your business systems, it’s vitally important that you know their identity.
- Is it an employee and if so, what privileges should they have?
- How do you ensure that employees can do all that they should be able to do — and nothing more?
- How do you ensure that employee identities are not compromised, risking damage to your systems and vital data?
- If it’s a customer, where are they coming from?
- Have they been here before?
- What do you know about them that can make their experience of dealing with you as great as possible?
- And how can you find out without putting them off so they go deal with someone else?
Aubrey Turner, Executive Advisor with Ping Identity, is intimately familiar with both sides of this issue. He says that identity management should be seen as a user journey that supports a business process.
On the employee side, he says, the problem is one of security as well as productivity. “How do I onboard a user, get them day one access, and make sure that’s seamless — making sure that they are secure, yet productive?”
Online recruitment processes pose novel challenges, he explains. “I've had a number of customers since the start of this year tell me that the person that they brought through the recruiting and hiring process was not the person that showed up on day one.”
A way to know as much about the person you’re recruiting as possible throughout the process is clearly needed. But if the process introduces too many pain points, you risk missing out on recruiting quality talent. Or worse, if your internal identity systems are too onerous smart employees will find ways to circumvent them (like using Slack instead of the approved corporate system), which creates further risk.
On the customer side, the nature of the risk depends on the type of business you’re in. In banking and financial services, there are regulations around knowing your customer and deterring money laundering that has to be satisfied.
Likewise in retail, you want to know as much about the customer as possible to make their shopping experience as targeted as it can be. However, if the account creation process is too frustrating customers will vote with their feet.
“They will say, I'm just going to abandon this and move on to someplace else where I can do it faster and easier”.
As Turner puts it, “It’s about making sure that you don't interrupt somebody who’s in the middle of buying something from you”.
The problem is that identity management is a complex environment. There are lots of providers building tools that, while useful, don’t necessarily work well together. And when the components of your identity management system don’t work together — for instance if your login to the company intranet doesn’t also give access to instant messaging — that causes friction.
Ping Identity’s Da Vinci is all about creating linkages between those disparate systems, making them interact without friction so that people will actually use them. That’s the “user journey” — “The aim of Da Vinci is to help you pull these different pieces together and provide some of the glue between these components.”
As an example, he points to Ping Identity’s own internal process of adding password management to its registration systems so that employees don’t get annoyed by having to enter passwords all the time. “You can take DaVinci and model that type of user journey to create that type of frictionless experience, be it for the workforce identity, or for a customer identity.”
Of course, the risk when managing that kind of complex integration is security. As Turner says, “We know that the threat landscape is constantly changing. The bad guys are … using automation. They're using every sort of tool at their disposal.”
In order to stay ahead of an agile threat, you need to be equally agile. The problem, he says is, “If you're writing a tonne of code to try to integrate a lot of those pieces to create a more secure, but frictionless process, you’re losing your advantage.”
And that is again exactly the problem DaVinci is designed to solve.
“DaVinci is a low-code, no-code” solution. Its pre-built components allow you to drag-and-drop elements with minimal if any, actual coding required.”
Turner is particularly proud of this aspect of DaVinci. “We're stripping the code out and we're taking, you know, hundreds of thousands of line lines of code collapsing it into minutes.”
This enables extremely rapid prototyping, allowing stakeholders to test and deploy integrations quickly and easily. “Everybody from IT to identity, to security, to whoever owns the digital experience, can all be in a virtual or real room and see this process be modelled out visually.”
That ability to integrate the various pieces of the user journey quickly and with minimal coding enables companies to build a frictionless identity-management process that people will actually use rather than avoiding or circumventing, he said.
And then when the knock comes on the door there will be no need to ask “who’s there” because you’ll already know.