Identity management in a wireless world

At last month’s CONVERGE conference for users of Courion’s identity management products, I sat on a panel with, among others, RSA Product Management Vice President Jason Lewis, as we discussed building an identity architecture “for the 21st century.”

Just last week Lewis’ name popped up again during a Google search I was running. It seems he’ll be speaking at the Wireless & Mobile WorldExpo in Toronto next month on the subject of “Trusted Identity and Access Management.” Wait a minute. Is that a show dedicated to wireless and mobile platforms? Do they somehow have identity management needs that enterprise networks don’t? The short answer is, I think, “no.”

So what is Lewis doing at a wireless and mobile show? It’s more a case of mobile platforms finally discovering identity management. A quick look at a summary of Jason’s talk (see editorial links below) shows that he intends to introduce the benefits of identity management to the mobile audience. The summary explains:

“An effective e-business strategy is essential to your organization’s growth and success, enabling you to reach new markets and users, speed cycle times, increase revenues, reduce costs and strengthen relationships. Yet, to reap these rewards, you need [to] balance user enablement with the security you need to protect your business. You can only strike this delicate balance by cost-effectively managing the identities of an ever-changing mix of users, including employees, customers, partners, suppliers and channels. To some, identity management is defined as simply collecting, storing and updating user profile information. In this session, we will take a broader, more holistic view of the technology. We’ll explore how identity management is actually about using digital identities to conduct business.”

There’s nothing in there that’s unique to the mobile platform, but there is a lot about introducing identity management to folks who may not have considered it up to now.

It appears to me that mobile devices are currently managing identities the same way “Windows for Workgroups” did a dozen years ago – identify the device and ignore the actual user (or make an assumption about the user). It’s not that mobile devices have different requirements for identity management although they may need different implementations.

I came across Lewis’ session as I was searching for data on mobile platforms and identity management because someone wanted to know if there was a separate niche for mobile platforms within identity management. Come back next issue and I’ll tell you why I was looking and what some industry experts have to say about this question.