Today, it is inarguable to say that internet is essential in our life. People had become highly dependent on the internet as more and more businesses adopt digital transformation into their organisations. Digital transformation, which was once listed in most organisations as an option for future execution had turned into an immediate plan as it appear to show best results in keeping everything intact during the Covid-19 outbreak. Today, online services such as e-commerce, e-services which are powered by internet had become normalised in our daily activities. Online services, as we generally applies (not technically), takes a few simple steps to work; Launching the website or portal, authenticate personal identity for access to personal account and then verify to approve actions. Convenient as it seems, this growing activities lead to critically concerning issues; data and privacy breaches. As a solution, the security practice needs to change where this time, the focus is on identity and access management model (IAM) – from centralised identity to decentralised identity.
Centralised identity and its limitation
For many years, centralised identity had serve as data verification model to protect consumers’ data and control authentication and access to applications, APIs and other resources. At its core, centralised identity is generated, owned, and stored by one service provider. In easier explanation, for example, your login ID to an online store only gives you access to that particular online store. Therefore, the limitation here is obvious, a user will have more than 10 login ID to different service providers which makes it harder to manage. Secondly, if the service provider decided to terminate your IDs based on their term of use to their website, you will no longer had the right to use them. In other words, the login IDs generated via centralised identity model are not your privilege. Also, centralised identity model is not fragmented. This limitation makes users more prone to cyber attacks as one service provider is stores personal data of millions users.
From centralised identity to decentralised identity
While there is no one size fits all for data security solution, the limitation of centralised identity definitely a sign for the shift from centralised identity to decentralised identity. Decentralised identity which refers to an IAM through the utilisation of distributed ledger technology (DLT) that gives users full authority to their digital identity. It is the evolution of IAM that important key values which include users has total ownership on their ID, simplified application for identity verification and secure cryptographic storage on the blockchain.
E-SPIN being active in helping enterprise customers to implement enterprise digital transformation technology to achieve scale, scope and speed. E-SPIN since 2005, already in the business of supply, consultancy, integration, training and maintenance of various supplies for enterprise customers and government agencies. Feel free to contact E-SPIN for identity and access management infrastructure and application security, infrastructure availability and performance monitoring solution.
Other post that may interest you:
1. Identity Verification-What is Decentralized Identity?
2. Components of a Good CIAM Platform