Use of external services providing federated identity management, access, credentials and authentication is growing with increased adoption of cloud service delivery models. Risk is introduced to any organization that ‘outsources’ critical services. By using an external service provider, even one in the same overall organization, the reliant organization becomes dependent on the security, operational stability and reliability of the external provider.
We will explore how systems operated according to standards of practice can be assessed and certified to demonstrate that they are capable of delivering the promised critical services. Use of 1st, 2nd and 3rd party assessments play a critical role in federated architectures and trust frameworks. Specific examples from assessment schemes and standards for digital identity practices will be discussed.
Key Takeaways