Facebook. Twitter. LinkedIn. Instagram.
Chances are employees at your organization have at least one account they access daily. With more and more millennial employees in the workplace, and with the rise of multiple device endpoints, they are also likely to be accessing these accounts from various devices everyday with the same login credentials. Yet, in most cases, employee identity is still being controlled centrally by IT through passwords, PINs, network IDs and various forms of identification.
The old adage “if it's not broken, don't fix it” shouldn't apply to traditional enterprise ID systems because the current approach is both broken and incredibility inefficient. It has proven time and again to fail to provide the protection required. It is inconvenient for employees, especially millennial workers who expect to utilize social login. And it is a very expensive process for organizations that can constitute up to 30 percent of IT help desk tickets.
So what can enterprises do?
Enter bring-your-own-identity (BYOID). An evolution of bring-your-own-device (BYOD), BYOID stems from the push for a simpler and more integrated method of managing employee identification.
By allowing people to use one social login to access personal and professional services, BYOID shifts the focus away from centralized management to individuals. This shift has several benefits for employees and enterprise IT. Rather than a vast array of different passwords for various enterprise systems, users simply have to remember one strong password. This not only adds convenience, but also improves security since several simple passwords are not spread throughout multiple services. Additionally, with the likes of Google having strong safeguards such as two-factor authentication already in place, security is further enhanced. Counter intuitively, social login can now be more secure than many corporate security schemes. Moreover, in an era of BYOD, single logins strengthen mobile access convenience with users accessing corporate services, from both inside and outside the firewall, via a range of devices.
For the enterprise, single logins improve employee satisfaction and also alleviate IT complexity as each enterprise transaction is completed with less friction. The enterprise must also deal with the increasing costs of managing complex enterprise identification systems, not to mention the cost of each employee's individual interaction with the corporate IT help desk every time there is a failed login attempt. One estimate even places these calls at up to $250 a ticket when technical help is involved.
While a single socially enabled login improves the user experience, adds security, is more convenient and can be more cost-effective, perils do exist.
With users having multiple accounts and devices, enterprise IT can lose control of an employee's corporate identity by delegating identification to social networks and cloud services. This can make maintaining security with fragmented IT systems difficult. For instance, say an employee leaves your company. Without the ability to map their corporate ID, they can remain in your system, causing headaches to manage when it comes to tasks such as billing. The same goes for new hires or employees changing positions within the organization.
So how can IT solve the BYOID Catch 22?
The answer is ensuring that organizations build an identity bridge that links an employee's corporate identity to their social identity. With identity mediation, organizations no longer run the risk of losing identity completely. Using authorization tools such as OAuth 2.0 and SAML, enterprise IT can ensure there is a successful framework in place for connecting corporate applications to employee accounts.
With individual mobile devices and cloud-based applications flooding the millennial enterprise, BYOID represents an inevitable trend. Bridging your employee's corporate identities to their social identities is only a few steps away, and doing so can have a profound impact on your employee satisfaction and bottom line.