A Federated State of Identity
Online collaboration in the workplace has become commonplace and virtual interaction is opening up tremendous opportunities to bring employees and partners together like never before.
But the growing number of usernames and passwords needed to access these Web-based communities and tools are having the opposite effect in many instances - risking unauthorized access and creating burdensome administrative procedures.
Our Identity Solutions labs have been at the forefront of offering the latest protection for critical infrastructure and vital information. Federated Identity Management (FIM) is the latest service offering in CSC's Trusted Identity Enterprise Suite that helps organizations share information assets securely and efficiently among business partners and clients.
"This is very forward looking," says Art Coupe, practice director for CSC's Identity Management Solutions. "If you understand what's going on in the marketplace, in overall business, in supply chain, it's all about access to information and access by external users. Right now it's being done in a rather cumbersome and costly manner. Federation streamlines that. Once an enterprise becomes federated and can fulfill the functions, it has very broad business implications."
Building a trust-based system
 |
|
|||
|
||||
|
Related Information: Watch a video about FIM. Download a case study (PDF) about our FIM solution for BAE. Visit the FIM service offering Web page or download a brochure (PDF). Learn more about our Identity Management portfolio. Contact us for more information. |
|||
|
||||
|
||||
Federation enables a group of partners with business and technical agreements in place to allow a user from one federation partner to seamlessly access information from another federation partner in a secure and trustworthy manner.
In federation, the enterprise exposing its IT resources (service provider) trusts the identity credentials managed by its federation partners (identity provider). This eliminates the need for multiple IDs and authentication mechanisms.
"The service provider sees great cost savings and the identity provider sees much happier and productive people," says Scott Colenda, program executive for FIM. "There are two really compelling arguments for doing federation. The first is real cost savings for the service provider over time. Cost is very important, but the user experience is also directly simplified, which increases productivity."
Federation enables cross-enterprise single sign-on, which improves the experience of the people working for the identity providers. No redundant authentication is required. Users are spared the aggravation of remembering another ID on another system.
Managing access securely
In addition to impacting cost and efficiency, federation also improves security, says Scott Lewis, lead architect for FIM.
"One of the main problems with ID management is that people frequently don't get access removed," he explains. "Employees leave a company and don't get taken off the system, so their accesses stay in place. It's even worse when you're a service provider because you're not even in the same company as the person who left. With federation, the minute a person's account is deprovisioned, or even suspended, that person cannot access the service provider's applications anymore."
In information security, personally identifiable information (PII) is commonly defined as information used to uniquely identify, contact or locate a single person online. Coupe adds: "There's been this proliferation of your personal information out there when using the Web or conducting business. Federation enables you to minimize the amount of PII that is exchanged."
Benefitting from single sign-on
The global development team that created CSC's FIM service offering is representative of the diverse clients that can benefit from the product. Organizations that have a large number of external users coming into their enterprises and have a significant collaboration and coordination requirement will benefit from the service.
While federation is a relatively new concept on the market and numerous vendors offer systems and products that allow it, the draw of FIM is the manner by which it was developed and the ongoing support it offers after implementation.
"In developing our service, we looked from both the business and technical side and specifically worked with each of the major vendors to run their products in our labs and work through all the issues to make sure they operated properly together," Colenda says. Adding Coupe: "This translates to more efficient deployment in terms of time which means less cost for the client."
Adopting federation with CSC
As most clients lack the technical knowledge and hands-on experience necessary to support the integration configuration requirements of federation, back-end support is crucial. "CSC provides experienced architects, engineers and project managers to properly configure the system and ensure timely and efficient operation," says Colenda. "We can also provide ongoing run-and-maintain support so that the client stays focused on their business or mission."
But the challenges in adopting federation aren't purely technical. Our experienced business architects work with the client to involve the right people early in the project so that critical legal, organizational and policy decisions don't hold up completion of the project.
With a decade of identity management expertise, CSC is, and will be, using federation across its enterprise to the benefit of many, from creating single sign-on capabilities at companywide Ideation events, to allowing CSC employees the ability to access external sites for healthcare, travel and financial services benefits.