Four big vendors are today getting together to launch a new initiative which they say will help deepen the security organizations can expect when using identity management within an enterprise. The Identity Defined Security Alliance (IDS Alliance) is a grouping of Ping Identity, AirWatch by VMware, Netskope and ThreatMetrix and aims to create a unified approach towards identity (at least, unified among this group of vendors). At its heart, the alliance creates a new blueprint that it hopes information security practitioners will use to design a broader, more robust, identity approach to use within their organizations.
Clearly there is a need to make this area stronger. Increasing workforce mobilization, a growing permeability between an organization and the outside world and a heightened use of cloud computing all make traditional approaches towards identity less sufficient. Simply protecting one part of the chain (endpoint applications or network, for example) isn't enough -- instead, an identity-based approach that covers the different types of devices, the various systems organizations use and the differing workflows that organizations, and the different parts of organizations, use is needed. The idea here is that rather than just protecting the endpoint, enterprises can be more agile and provide the right level of access, to the right people, at the right time.
In terms of the actual substantive stuff, the IDS Alliance’s platform includes the following features, contributed by the different members of the alliance:
- Identity federation and single sign-on
- Contextual, multi-factor authentication
- Web and API access security
- Enterprise mobility management
- Cloud access security brokering
- Identity, behavior and threat analytics
- Endpoint security management
“The proliferation of cloud, mobile and Internet of Things has made navigating an already confusing landscape of security solutions even more challenging for CISOs,” said Andre Durand, founder and CEO of Ping Identity. “There is no silver bullet solution to the complex challenges that today’s modern enterprises face, so we created this alliance to help companies select technology solution partners that share a common vision for a new approach to security that ensures trusted users seamless, secure access to what they need to get their job done.”
MyPOV
For a few years now I've been saying that traditional approaches to identity simply won't work in a world that is increasingly complex and disaggregated. At a keynote presentation I gave a couple of years ago I proposed a new approach to identity, one that wasn't focused on individuals and their access to data, but instead that recognized that every "thing," be it an individual, a connected device or a data point, had identity and modern solutions needed to be built in a way that was sympathetic to that.
This alliance, while not going as far as that, certainly helps to de-emphasize the individual-centric approach to identity. By including device management, access security and a fabric of security over the top of all of it, they make an interesting play. Of course the proof is in the pudding and I'm hoping that we'll continue to see substantive product and cross-development announcements from the various parties.
At first blush, however, this is one announcement that actually makes sense.