If you work in the area of identity you will have noticed a lot of talk about self-sovereign identity (SSI). As a concept, it applies the goal of placing the user at the center of digital identity management and control. User-centric digital identity is not a new idea. I first came across it back in 2008 when I read Kim Cameron’s Laws of Identity — the piece itself going back to 2005. Law 1 states that “No one is as pivotal to the success of the identity metasystem as the individual who uses it.”
Data privacy has made big headlines in the last 12 months. Wherever we look there is an article about a data breach, a data protection regulation update, or a colleague talking about data privacy. It may have all become too much, and we have to ask ourselves, “Have we reached ‘peak privacy’?”
Digital Identity – just the phrase leaves you thinking this must be important; after all, our identity is about who we are and what we do. Digital identity is a big technology space too. It encompasses a variety of sectors including verification-as-a-service, consumer identity and access management (CIAM), cloud (SaaS) identity, transaction authentication, and the newest entrant – self-sovereign identity. The financial value of the identity space is massive. Identity verification-as-a-service alone has been predicted by McKinsey to be worth $20 billion by 2022.
It is often said that if you don’t have your health, you don’t have anything. Good health helps to keep us happy and productive, but a healthy lot we are not. The World Health Organization (WHO) has predicted that by 2020, three-quarters of global deaths will be due to chronic illnesses.
Back in the day, a new idea was floated called “layered security.” It was a model that helped an organization plan out how to secure across all the touchpoints of the business; each layer protecting against a threat. Layered security evolved into the more holistic “Defense in Depth.” This new model was based on the philosophy of the whole being greater than the sum of the parts. It is a good model to follow and one that I believe the digital identity space can replicate. Here's how.
In the identity and access management (IAM) space, we talk a lot about identity. There is an historic reason for this as well as a psychological one. After all, when we do something online, we are doing it as a digital version of ourselves, aren’t we?