Bring Your Own Identity (BYOI) is the next evolution of BYOD

Many technology and security experts predict that “Bring Your Own Identity is the next evolution of BYOD. However, the experts are mixed on the security of BYOI. Some say it will make security stronger because of the way identity is used to connect to websites and networks; others say that by using third-party identities, employees put the network at risk because CISOs (chief information security officers) don’t know how or where these identities are being used.

BYOI represents an evolution in authentication schemes by offering a better user experience and security than the use of, hopefully, multiple passwords for different services. The reality is that BYOI is something that came with BYOD and we have seen that the efforts of enterprises to restrict, control and manage it have not been successful. BYOD accelerates the identity overload we have these days. The more devices and services, the more identities we have to protect. And until now we only protected them with passwords.

As a security expert, I can’t wait for the day when people would not have to use passwords anymore. We have seen in the recent hacks that people use simple passwords. And they tend to reuse that simple password pretty much everywhere. The same applies to the email address. And, of course, many consumers use the same email address to register everywhere and they use for the services the same password used to access their email. So, if one service gets hacked, everything else gets hacked.

One could argue that in enterprises the situation is different. Yes, maybe the password policies force users to create stronger passwords and to change it more often. So, instead of one password, they will create two or three which they will reuse. If the systems in use remember the used policies, then they will write the password on a post-it and stick it on the display or under the table.

So, the problem is the same – the password. With one single service to authenticate, the possibilities to secure it are much better, because the consumers have only one password to remember and it is quite easy to add two-factor authentication so that we don’t have a single point of failure.

Also, not a fact to ignore, single sign-on is used in all social media services. And, social Media is accessed in enterprises through the devices owned by employees, even if the corporate network blocks the access. If social media is a phenomenon that can’t be stopped, so why not making a good use of it? When a company tries to set a security policy, it is always very hard to make people understand that it is in their interest. The employees don’t see the immediate value (assuming there is any) because they don’t understand what’s there that can help them personally. Social media is personal and it can be used to increase the security of the enterprise.

These days the single sign-on is pretty good represented by some well-known standards: OpenID, OAuth. The latter is now used by almost all online services, not only social media websites. And, with about 25 online services per person (in average), services like this are the only solution we have.


© Copyright 2014 Sorin Mustaca, All rights Reserved. Written For: Sorin Mustaca on Cybersecurity

Check www.mustaca.com for the IT Consulting services I offer.
Visit www.itsecuritynews.info for latest security news in English
Besuchen Sie http://de.itsecuritynews.info für IT Sicherheits News auf Deutsch

About the Author

Sorin Mustaca

Sorin Mustaca, (ISC)2 CSSLP, CompTIA Security+ and Project+, is working since year 2000 in the IT Security industry and worked between 2003-2014 for Avira as Product Manager for the known products used by over 100 million users world-wide. Today he is an independent IT Security Consultant focusing on Cybersecurity, secure software development and security for IoT and Automotive. He is also running his personal blog Sorin Mustaca on Cybersecurity and is the author of the free eBook Improve your security .

%d bloggers like this:

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close