Identity-Based Credentialing for All — Enterprises, Governments, Higher Education

Mark Joynes

Sometimes it’s hard to fathom how far technology has progressed in some areas, while in others we’ve yet to see necessary advancements that should be critical to the way we live our lives today.

Specifically, security vendors are finally providing comprehensive identity and access management solutions that enable physical/logical access, strong authentication and a host of environment-specific abilities and services — all on a single, unified smartcard credential.

A recent report by Forrester Research1, authored by Andras Cser and Bill Nagel, highlighted the need for proven identity and access management (IAM) solutions. And while they were specifically discussing the European market, their comments about budgets and the difficulty of implementation rings true worldwide.

“How can companies overcome some of the problems around the cost and complexity of IAM implementations? One way is to procure identity as a hosted or managed service. In general, enterprises and SMBs alike are using managed security services in greater numbers not only to gain improved protection, 24×7 coverage, and operational expertise, but also to lower costs and eliminate implementation, integration, and management complexity.”

We can even extend this strategy further than the enterprises and SMB mentioned. Law enforcement agencies, universities, government bureaus and more require proven, cost-effective means of implementing identity-based credential environments. This approach, particularly from a hosted aspect, heightens the security core of an organization — all without huge investments or costly IT staffs.

Regardless of the end-user, unified credentials enable organizations to consolidate the identity requirements for a number of security capabilities — usernames and passwords; logical and physical access; digital signatures; secure e-mail — onto a single smartcard. This not only simplifies the end-users’ security role within the environment, but also unburdens help desks and IT support.

This specialized convergence is happening in 2010. With key motivators such as security breaches top of mind, organizations are deploying multipurpose credentials to improve overall security, streamline operational processes and save money.

Someday soon, we’ll recall the times we needed a badge to gain access to the building, hardware token for remote access, and a username/password to access our laptops. And someday soon, we’ll require much less to accomplish the same tasks — a multipurpose smartcard credential and a simple PIN.

1 “Identity And Access Management Adoption In Europe: 2009,” Andras Cser and Bill Nagel, May 14, 2010.

Mark Joynes
Mark Joynes
Director, Product Management for PKI & Government Solution

Mark is Director of Product Management for Entrust PKI, Government & National ID Solutions. An Entrust veteran of 12 years, Mark has over 25 years’ experience in high-tech security. Prior to joining Entrust, Mark provided operational guidance for government secure-systems deployment, certification and accreditation consulting in law enforcement, defense and intelligence environments. Mark’s experience covers operational security policy and management across both private and public sector organizations.


Add to the Conversation