Monday 26 November 2007

Playing loose with corporate identity

An interesting take on the impact that social networking will have on security in the enterprise.

» Social networking needs identity delegation strategies | Between the Lines | ZDNet.com
Many of these applications ask users to enter their credentials for some other service so that they can provide a Facebook interface. Unfortunately, users are all too willing to do that if the application offers even a small benefit. [...]

Let me give you another type of scenario: more and more organizations are going to online paystubs. You access them with your corporate authentication credentials. Suppose an employee’s spouse is the one who does the bills. Do you really think that your employees won’t share login credentials with their spouse so that they can access the online paystubs? Don’t be naive. [...]

Letting employees and customers share access appropriately without giving them incentives to give away the keys to the kingdom requires better ways of delegating access than sharing passwords. Delegation should be an anticipated interaction model in network applications that we design and build. Unfortunately, many organizations are struggling just to get single sign-on working let alone designing a complicated delegation system into everything. Sit down for a minute and try to design a reasonable, easy-to-use, secure delegation pattern for one application and you’ll see how complicated this can be.
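One way to sketch the delegation pattern the quoted post asks the reader to design, as an added example that is not part of this post or the ZDNet article it quotes: the employee issues the spouse a signed grant limited to one scope and one time window, and the service enforces scope, expiry and revocation and records the delegate's own identity in its audit trail. The grant format, the HMAC signing, the names (alice, bob, mallory, carol), the scope strings and the fake clock are all assumptions constructed for illustration.

```python
"""Scoped, expiring, revocable delegation grant (assumed design, added example)."""
import base64
import binascii
import hashlib
import hmac
import json
import secrets
import time


def _b64e(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def _b64d(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def _encode(grant):
    # Canonical JSON so the same grant always signs to the same bytes.
    return json.dumps(grant, sort_keys=True, separators=(",", ":")).encode()


class DelegationService:
    """Issues and checks delegation grants signed with a server-side HMAC key."""

    def __init__(self, signing_key, clock=time.time):
        self._key = signing_key   # assumed: secret known only to the service
        self._clock = clock       # injectable so expiry is testable
        self._revoked = set()     # grant ids the grantor has revoked
        self.audit = []           # (presenter, grantor, scope, outcome)

    def _sign(self, body):
        return hmac.new(self._key, body, hashlib.sha256).digest()

    def issue(self, grantor, delegate, scopes, ttl_seconds):
        grant = {"id": secrets.token_hex(8), "grantor": grantor, "delegate": delegate,
                 "scopes": sorted(scopes), "exp": int(self._clock()) + ttl_seconds}
        body = _encode(grant)
        return _b64e(body) + "." + _b64e(self._sign(body))

    def _parse(self, token):
        """Return the grant dict only if the signature verifies, else None."""
        try:
            body_b64, sig_b64 = token.split(".", 1)
            body, sig = _b64d(body_b64), _b64d(sig_b64)
        except (ValueError, binascii.Error):
            return None
        if not hmac.compare_digest(self._sign(body), sig):
            return None
        return json.loads(body)

    def revoke(self, grantor, token):
        """Only the grantor may revoke; revocation takes effect immediately."""
        grant = self._parse(token)
        if grant is None or grant["grantor"] != grantor:
            return False
        self._revoked.add(grant["id"])
        return True

    def check(self, token, presenter, scope):
        grant = self._parse(token)
        if grant is None:
            outcome = "bad signature"
        elif grant["delegate"] != presenter:
            outcome = "wrong delegate"
        elif grant["id"] in self._revoked:
            outcome = "revoked"
        elif self._clock() > grant["exp"]:
            outcome = "expired"
        elif scope not in grant["scopes"]:
            outcome = "scope not granted"
        else:
            outcome = "allowed"
        # The audit line names the delegate, not the employee whose data it is.
        self.audit.append((presenter, grant["grantor"] if grant else None, scope, outcome))
        return outcome


class FakeClock:
    """Constructed clock so the expiry path runs deterministically."""

    def __init__(self, now):
        self.now = now

    def __call__(self):
        return self.now


def run_scenario():
    """Walk the paystub scenario; all names and scopes are constructed."""
    clock = FakeClock(1_700_000_000)
    svc = DelegationService(secrets.token_bytes(32), clock=clock)
    token = svc.issue("alice", "bob", ["paystub:read"], ttl_seconds=3600)
    short = svc.issue("alice", "bob", ["paystub:read"], ttl_seconds=60)
    r = {"spouse_reads_paystub": svc.check(token, "bob", "paystub:read"),
         "spouse_tries_admin": svc.check(token, "bob", "payroll:admin"),
         "third_party_presents": svc.check(token, "mallory", "paystub:read")}
    # A grant re-targeted to a third party no longer matches its signature.
    body_b64, sig_b64 = token.split(".", 1)
    forged = json.loads(_b64d(body_b64))
    forged["delegate"] = "mallory"
    r["forged_delegate"] = svc.check(_b64e(_encode(forged)) + "." + sig_b64, "mallory", "paystub:read")
    r["stranger_revokes"] = svc.revoke("carol", token)
    r["grantor_revokes"] = svc.revoke("alice", token)
    r["after_revoke"] = svc.check(token, "bob", "paystub:read")
    clock.now += 61
    r["expired"] = svc.check(short, "bob", "paystub:read")
    r["audit_first_presenter"] = svc.audit[0][0]
    return r


if __name__ == "__main__":
    for name, outcome in run_scenario().items():
        print(f"{name}: {outcome}")
```

The point the example makes is the one the post argues: a shared password gives the spouse everything the employee can do and makes every action look like the employee's, whereas a grant like this is bounded in scope and time, can be withdrawn without a password change, and leaves an audit trail naming who actually acted. Even this toy version needs a signing key, a revocation list, a clock and a canonical encoding, which is some of the complexity the post warns about.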