Tom Murphy, Senior Director of Sales & Marketing, XTec Inc.

A single identity can be simple. But, as all enterprises eventually realize, the lifecycle maintenance of those identities proves decidedly complicated. The responsibility of keeping identities current, accurate and securely linked to functioning credentials – for the long term – presents the most significant challenge to current enterprises.

At inception, identities represent a straightforward equation. To support the needs of an enterprise, a single identity is affiliated with a credential(s) and assigned specific permissions. An identity management solution supports the identities’ functionality en masse, handling attributes, permissions, identifiers and credentials.

But then the needs of the enterprise change. The responsibilities of individual staff evolve. Employees leave, new employees arrive. Incidents or new threats require security to be enhanced or expanded. Lost or compromised credentials may need to be revoked while others expire. Permissions require adjusting, names need changing and security clearance levels fluctuate. In short, life happens. And the result is a litany of changes to affected identities.

Fluctuation this constant requires a flexible – but unified – identity management system. It demands, in a word, scalability. As the role and related permissions of a single employee evolve over time, that individual’s identity must also expand. Scalability, applied to a single identity, requires an identity management system to keep the full development of the identity intact from inception to termination.

Let’s look at an entry-level employee. When she arrives at the enterprise, she may require few permissions or access to only a limited number of the enterprise’s physical facilities. But as her responsibilities at the enterprise expand, she may require access to more spaces and logical access to an increasing number of applications. Life changes may require a name change.

This sort of virtual shape-shifting is not uncommon. But the lifecycle maintenance required to support it can strain the enterprise. An identity management system that offers scalability will ease these complications.

To fully – and securely – support evolving identities, a system should also organize identity attributes in a logical fashion. After all, we know maintenance measures are forthcoming. Why not organize our identities in a way that anticipates them?

First and foremost, identity attributes belong together. Properly linked, these attributes can be addressed as a single entity – a single identity, which they do comprise, after all. One way to orchestrate such grouping is by leveraging an identity management system that is accustomed to credential management.

This is especially important in the federal or PIV-Interoperable arena, where the credential effectively becomes the digital representation of the identity. Another major benefit to an identity management system is having functionality that supports permission structures.

However enterprises choose to handle their identities, they must acknowledge the challenge presented by lifecycle maintenance. And they would do well to equip themselves with an identity management system whose scalability is flexible to our evolving security world and whose approach to identities adequately groups related attributes from day one. Because, as the old adage reminds us, the only true constant is change.

About the AVISIAN Publishing Expert Panel

At the close of each year, AVISIAN Publishing’s editorial team selects a group of key leaders from various sectors of the ID technology market to serve as Expert Panelists. Each individual is asked to share their unique insight into what lies ahead. During the month of January, these panelist’s predictions are published daily at the appropriate title within the AVISIAN suite of ID technology publications: SecureIDNews, ContactlessNews, CR80News, NFCNews, DigitalIDNews, ThirdFactor, RFIDNews, EnterpriseIDNews, FinancialIDNews, GovernmentIDNews, HealthIDNews, FIPS201.com, IDNoticias ^es.