Quick — what are the top IT security issues today? A list might include things like uncontrolled wireless devices, organized e-crime, identity management and ‘the next big virus’. It would be hard to discredit any on this list, but from a individual user’s perspective, identity management is becoming a very hot topic. And identity management is certainly something that is of interest to large organizations, particularly those that are in government or regulated industries — which covers a lot of ground these days.
Identity management is critical to conducting e-business and for protecting sensitive information. Practically speaking, if a company doesn’t know who is ‘at the end of the wire’ then it is very difficult to offer up anything significant in the way of business content. And if that identity is not managed properly over time, the user can lose confidence in the relationship and even stop using the offered services completely.
So, how can you know who is accessing your site, web portal or business application? How sure can you be that they are who they say they are? It all starts with confirming the identity at the first interaction with the user, or what we like to call ‘identity proofing’. This critical step can be difficult to design, build and operate. Identity proofing requires good process, the type of process that businesses and governments use to support the issuance of identity cards in the physical world. When it comes to proving identity, electronic identities and physical identities must follow the same process to be effective.