Identity Management (IDM) is no longer just a technology issue but has become a business issue, and organisations have begun to realise its importance in doing business more efficiently.
According to Farhan Ibrahim, of Oracle Corporation, with the sharp growth that Pakistan's companies, especially in industries like financial services, telecom, manufacturing, retail & distribution and IT-enabled services are witnessing, they have realised that they had to open doors to the world while ensuring that the world does not walk through them.
Industry analysts estimate that the IDM market, which was $2.6 billion worldwide in 2006, would reach approximately $12.3 billion in 2014, and the public and finance sector are expected to lead its adoption.
Ibrahim told Business Recorder that it has become necessary for them to securely manage appropriate access to business resources for employees, customers, partners and suppliers. An information security framework, or IDM, allows them to reduce threats and improve compliance. Some of the major factors that are driving the growth of identity management solutions in Pakistan include regulatory compliance norms, managing identities, and access control and compliance management.
Replying to a question as to what are the major security threats the enterprises are facing, he said that enterprises searching for answers to their security problems should increasingly take a closer look at their internal operations. Large numbers of security breaches happen from either an employee within the company or by outsiders entering the network to corrupt it. The challenge is to ensure that the right people should have the appropriate access to the right resources at the right time and to be able to prove it. Also, organisations today face the challenge of protecting confidential personal and business information from unauthorised users.
He said that an information security framework allows organisations to: Rreduce Threats: A secure infrastructure reduces the risk and associated cost from malicious sources. Improve Compliance: Oracle's secure solutions offer features, policies, and procedures to address internal and external compliance requirements.
Build in security from the start: Security is built in from the outset, making for consistent, secure deployments that mitigate risk, and Win and maintain customer confidence/loyalty: When information security is a top priority, organisations enjoy higher levels of trust, and better business with their customers.
A holistic approach to security can save money. Companies today are spending 10 times more on compliance projects because they adopt an ad hoc approach rather than as part of a strategic, proactive compliance programme which is costly.
In addition to global regulatory requirements like Basel II, privacy legislation is forcing companies to look at ways to certify data that is held to be compliant to privacy laws. In the United States, one financial services company managed to reduce their annual costs involved in supporting the identity administration needs of their 2,000 employees by half a million dollars.
Organisations need to protect confidential personal and business information from unauthorised users and ensure that adherence to rules and regulations can always be substantiated. This is where compliance has got a role to play in the identity management, Ibrahim said.