You already bring your own device to a new job. Why not bring your own identity?
IDC predicts that BYOID (or, BYOI as more people call it) will be one of the major trends of 2013.
The researchers dedicated two sentences to the idea in their 20-page report about IT predictions for next year:
- "Bring your own ID" will bring consumerization into enterprise security. IDC predicts that many more enterprises, and the security software and services vendors that serve them, will use the identity management systems of Facebook, Google, Yahoo!, Microsoft, and other consumer social networks and cloud services as a new foundation for enterprise authentication.
In many ways, people already do bring their own identities to work. If you use Box, for instance, you can log in using your existing Google credentials. If you use Google Apps at work, for that matter, you may use a Google login that you set up years ago when you started using Gmail. Many cloud services let people login with their Facebook, Twitter, or Google credentials.
But since not every service you use allows you to sign in with the same credential (i.e., if you prefer to use your Facebook login you're out of luck with Box, which only accepts Google's or a new one), it's still complicated.
There are also new services like Okta that allows workers to use their Active Directory credentials to log in once and then use all of their cloud services. This is a step in the right direction since it makes logging into many cloud services easier, but it still requires workers to have a work identity.
Okta doesn't think that will change.
"It's an 'and' not an 'or'," said Eric Berg, vice president of products for Okta said. Many businesses are too worried about security to let people log into apps that contain sensitive enterprise data using systems based on social services where IT has no control, he said. He says Active Directory isn't going away.
Maybe so. BUt even Microsoft, which built Active Directory, is thinking about how to leverage the identity management platforms built by the popular social networking services.
Microsoft last week started offering its Azure access control service for free, after previously charging for it. This is an authentication and authorization service that lets users log in with their Active Directory identities or their Facebook, Google, Twitter, or Microsoft account credentials. Any Azure app can take advantage of this feature.
IDC isn't the only research firm talking about this trend. Last month Gartner also put out a report that mentioned BYOI. It said that enterprises benefit when users can log in with their social identities because the number of abandoned registrations and logins will fall. Overall, letting users login with their social identities lowers friction and improves the user experience, Gartner said.
Last summer, the CTO of Layer 7 also called BYOI the next IT revolution.
It will take some time for IT to develop policies and systems for allowing single sign-on with consumer apps, and to get comfortable with security implications. But just like BYOD, BYOI will happen because users want it. Eventually, vendors will enable it.