By Mike Kiser, senior identity strategist at SailPoint
Have an identification card in your wallet? With a selfie and a few short minutes, you could have access to a business bank account.
Small and medium enterprises (SMEs) have long been the fuel that drives the global economy, representing around 90% of businesses and more than 50% of employment worldwide. Over the last few years, a range of financial services and platforms have arisen over the last few years to support the banking needs of these organisations. They are often digital natives and are innovating to meet the needs of their clientele.
This innovation provides great ease-of-use and rapid access to credit but also demands a careful consideration of their assumed security approach. The aforementioned scanning of an identity and a quick photo to establish a bank account demonstrates the rising importance of identity in both the consumer and enterprise arenas.
The blurring of the lines between personal and corporate identities (in this case, an individual acting on behalf of a small business) is still in its infancy. Combined with the ubiquity of mobile devices, individuals will tire of maintaining different accounts, different personas, different lives for each activity. Usability will demand that identity be reusable, portable, and secure.
This has massive implications for enterprises and the financial institutions that serve them if they seek to prevent cyber-attacks; thankfully, the same element that presents the security challenge also offers the solution: identity.
A New Vantagepoint
Just as individuals desire a single identity to unify their interaction with disparate parts of the world, organisations can use identity to grant them a single, holistic view of an individual (attributes, access, and behaviour) rather than seeing only a fragment at a time. This is particularly important for these new financial institutions—much of their technology stack is cloud-based, which often leads to splintered security approaches. An identity-based approach must be cloud-aware, and able to distil these complex environments into simple and easily governed infrastructure.
This collectivisation also allows security to use identities in the aggregate: to see what groups of similar individuals exist, what access these groups have, and what their usage of this access typically is. All of this contributes to the establishment of what normal is, whether it’s attributes, access, or behaviour. Once the “normal” is established, then the outliers—the potential threats—may be quickly triaged.
Adaptability: The New Imperative
The recent wave of change has demonstrated that financial institutions and organisations must be ready to adapt quickly to shifts in the environment. Portions of IT staff and services have been furloughed, and adjustments to new realities are essential. An identity approach that learns from the evolution of changes in the previously established areas of normality can grant enterprises the ability to see what is coming next and invest appropriately. Much like a view from an elevated position grants the ability to see beyond the normal horizon, basing a security strategy on identity makes it inherently adaptable.
Identity: Innovation and Security Intertwined
Identity, then, is a foundational consideration for financial institutions seeking to provide services for the perennially important small and medium enterprise sector. By eradicating barriers to entry that have historically kept financial organisations and enterprises apart, it is driving rapid adoption and a growing market for innovative banking. At the same time, it shows the path forward to securing those new services in a pre-emptive, adaptable way.
Now if you’ll pardon me, I must go open a bank account for my next start-up—from my mobile.
