Ponemon Institute has released its CA Technologies sponsored study “The Identity Imperative for the Open Enterprise: What IT Users and Business Users Think about Bring Your Own Identity (BYOID).
They surveyed 1,589 IT and IT security practitioners and 1,526 business users with more than 1,000 employees in United States, Australia, Brazil, Canada, France, Germany, India, Italy and the United Kingdom to understand current trends in Bring your Own Identity or BYOID, which is defined as the use of trusted digital or social networking identities.
- 74% of the IT users surveyed report to the CIO
- 15% report to the CISO
- 55% of the business users in this research report to the lines of business leader
- 10% report to the marketing officer
The majority of respondents in both groups have high levels of interest in BYOID, but IT users and business user groups have different views about the perceived potential value of BYOID.
- IT users view BYOID primarily for fraud reduction, risk mitigation and cost reduction
- Business end users are more interested in how BYOID can streamline customer’s experience and assist in targeted marketing campaigns.
Some of these differences can be expected because of the different job responsibilities of each group. These differences do not necessarily portend conflict, but rather show the need for collaboration between IT and the business functions to yield maximum benefits for any organisation deploying a BYOID system. By developing a cross-functional BYOID strategy around several well-defined use cases, organisations can differentiate themselves from competitors and further grow their business.
Key finding of the study are:
The Application Economy Drives BYOID Interest
In today’s application economy, organisations need to securely deliver new apps to grow their business quickly. This can increase IT risks, which puts a premium on an organisation’s ability to simplify the user experience without sacrificing security. Using an existing digital or social identity issued by a trusted third party to access applications can help organisations meet the need for simplicity, security and a positive customer experience.
- 67% of IT users say the primary value of BYOID is from strengthening the authentication process
- 54% from reducing impersonation risk
- 79% of Business users believe the BYOID value comes from delivering a better customer experience 76% believe it is from increasing the effectiveness of marketing campaigns
While IT sees value primarily in risk mitigation/cost reduction, business users see the value of BYOID in improving the consumer experience to increase customer loyalty and generating new revenue streams. This underscores the need for IT and business collaboration to address the challenge that today’s organisations face: how to secure the business while simultaneously empowering
Mobile and Web Users Drive BYOID
Today’s IT organisations must deliver secure access to a highly distributed and growing user population. These users expect to access information anywhere, anytime from multiple devices. This is changing how user identities should be managed and is affecting the demand for BYOID.
When IT practitioners and business users were polled on their level of interest in accepting identities for different user populations such as job prospects, employees, contractors, retirees, website customers or mobile customers, mobile and web customers received the most interest, far exceeding that of the other populations.
- 50% of IT respondents and 79% of business respondents have very high or high interest in BYOID for website user populations
- 48% of IT respondents and 82% of business respondents have very high or high interest in BYOID for mobile user populations
BYOID Requires Security Enhancements to Drive More Adoption
While the survey results indicate interest in BYOID from both IT users and business users, both groups identified features that could contribute to broader BYOID adoption.
When asked which features would most likely increase BYOID adoption within their organisation;
- 73% of IT users’ top features are identity validation processes
- 66% have multi-factor authentication as the top feature
- 71% of Business users say both identity validation processes and simplified user registration are the most popular features for increasing adoption.
The study also indicates a high level of interest for some level of accreditation of the identity providers
- 59% of IT saying it is essential or very important
- 21% saying it is important
- 27% of business respondents say accreditation is essential or very important with 48% believe it’s important