an imperative for digital transformation...business 2.0: new opportunities, markets, and offerings...

Trusted IdentitiesAn Imperative for Digital Transformationwww.abiresearch.com

2TRUSTED IDENTITIES – AN IMPERATIVE FOR DIGITAL TRANSFORMATIONwww.abiresearch.com

Business 2.0: New Opportunities, Markets, and Offerings

Modern enterprises are in the midst of a digital revolution, adapting to the demands of Business 2.0. They are looking to

embrace new business opportunities, expand into new markets, and propose new product offerings, as well as be more

agile in responding to existing demands. Their struggle is to remain relevant in a changing and increasingly vulnerable

business environment, all the while providing solutions and services that can disrupt and ensure they stand out amongst

the competition.

This transformation relies on digital technologies to fundamentally change the way products and services are offered. At the

core, this means adjusting business strategies and altering internal processes to become a digital-first enterprise. This digital

change is inexorable and those enterprises that are unable to transform will lose out to those that are innovating.

The challenge is to shift from a legacy enterprise where on-premise rigidity, fixed assets, closed perimeters, and siloed

procedures dominate into a digital one that is distributed, heterogeneous, adaptable, agile, and permeable. This involves

opening up the enterprise to new platforms focused on connectivity and open access, dominated by cloud and mobile. These

new digital premises foster exchange, collaboration, and expansion in unprecedented ways for enterprises.

Inevitably, this new direction exposes previously closed or obscured parts of the enterprise. For this reason, information

security needs to evolve and adapt alongside a digital transformation, and, above all, enable rather than impede.

The maintenance of a trust infrastructure is paramount for business success, in any context. Specifically, within a digital

context, an enterprise’s vulnerability is more visibly exposed. Notably, its intellectual property, personally identifiable information,

financial assets, brand reputation, and convergence with operational technologies, functional safety, and human lives are

all vulnerable. In this changing context, implementing and managing trusted identities comprehensively is crucial: for

people, for processes, and for products.

In an open and dynamic environment, it is vital to maintain trust, without which even the best laid digital plans will

fail. In a legacy enterprise where IT is centralized and scaling is done vertically through monolithic systems,

security was centrally controlled. With the perimeter fading, new distributed endpoints emerging and the

consumerization of IT, there is a significant loss of this control.

Security needs to adapt to these new environments and this requires building it in at the point of

access to information and applications, wherever that point may be. The concept of

trusted identities is central to secure that access, and forms the foundation of a

secure digital business. Beyond that, a digital trust architecture can even open up new

opportunities and markets for enterprises.

TRUSTED IDENTITIES

SECURE

FRICTION-LESS

ENABLING


Insight, Agility, and Trust: The 3 Pillars of Digital Business

To successfully embrace this digital revolution, it is important for enterprises to understand the implications of a digital

transformation, to be able to adapt and to ensure trust.

Insight is the first pillar. Being able to know what to change in order to compete in digital business is of chief importance.

This requires acknowledging changes within a target market and the way client demands are evolving. It is also about

understanding how competitors are positioning themselves and using insight to drive the transformation strategy.

INSIGHT

DIGITAL BUSINESS

AGILITY TRUST

Agility is the second pillar. Knowing how to change and be nimble from an IT perspective is crucial to implementing new

technologies that support business transformation. It means anticipating technology evolution and market changes ahead of

the curve in order to innovate and disrupt.

The final pillar is that of trust, which must be built into the digital business. Identity is key to that trust, and ensures all users,

processes, and products can be authenticated, authorized, and protected without introducing friction and frustration.

These three pillars form the core of digital business and enable enterprises to create new customer experiences and transform

product offerings.


Transforming the User Experience

Tying in a customer experience to a digital platform is no easy task, as it requires making their interaction an equal balance

between physical and digital. The digital aspect has to become an intrinsic part of the transaction, almost indivisible from the

physical experience. Customer retention can then be consolidated through digital engagement. The value of building a digital

presence is in offering seamless access online and physically through a single omni-channel experience both securely, and

without friction.

It is necessary to enable this experience across all possible access points of the business: desktop or mobile (eventually

wearable), and leveraging these with the physical. This requires investment in expanded customer services, which can make

use of targeted advertising, customer profiling, purchase history, location-based information, and social network interactions,

among other options. In addition, such interaction means allowing the customer freedom to create content and personalize

their digital experience, and even sync it with digital experiences from other companies.

This increased client involvement means expanded digital devices and platforms being used, and new data being generated

and collected. Security considerations are consequently expanded and demand a new approach, one which often relies on

trust and identity.

Case Study: StarbucksStarbucks is one such enterprise which has flourished as a result of a successful digital transformation based on these

three pillars, growing both client base and share price. The coffeehouse chain had insight into how mobile and digital

cloud transform their business, to the extent that these tools have radically changed the way people experience coffee.

Starbucks was agile too in the way it deployed these technologies. The first step was offering free Internet access for

clients, and creating a place where people could work as well as socialize. Then the firm leveraged smartphones to en-

able Mobile Pay & Go, cutting down queues for clients and payment processing costs internally. By tying in its loyalty

program with the mobile platform, Starbucks managed to upsell and pitch new products in a more customized fashion

based on buying patterns. Finally, it provided trust for the clients by enabling clients to create identities through its digital

platform. Clients were able to talk about their Starbucks experience through social networks, access premium content

while in-store, and participate in creating new flavors through the My Starbucks Idea website. Starbucks tied these back

to its mobile payments platform, and enabled a digital identity for each client to interact with the firm.

“Starbucks Agenda for Global Growth and Social Impact.” Starbucks Newsroom. May 17, 2016.

https://news.starbucks.com/news/starbucks-2016-annual-meeting-of-shareholders-press-release

https://news.starbucks.com/news/starbucks-2016-annual-meeting-of-shareholders-press-release


The security challenges in this case study are two-fold. The first is guarding data and privacy against fraud or misuse. With

increased information about customer habits and movements, the ability to preserve privacy and ensure adequate protection

of personal data is critical. The second is one of ensuring secure multi-channel access and proper authentication mechanisms

across devices (mobile and web) and platforms (social networks, payment systems, loyalty programs, content providers).

It is crucial also that security address the issue of seamlessness. Passwords, for example, cause friction and offer poor secu-

rity against modern attacks. New solutions that make secure access as simple as touching or swiping a fingerprint provide a

smoother process, all the while ensuring the identity itself is not compromised.


Transforming Products into Services

Internet connectivity, over-the-air updates, sensor-based monitoring and measurement: are all digital tools that provide added

value to legacy products and their supporting infrastructure. Their manufacturers have built out service-based systems that

can not only connect the company’s products, but potentially third-party products as well. By building a digital-first platform as

the primary offering, a product-based company can transform itself into a service-oriented one.

Digitally transforming a product or experience can provide a wealth of new information, such as product lifespan, customer

habits, and interactions with the environment or third-party products. A connected product can relay back information

on functioning and usage, record and measure new data, and the enterprise can act upon new variables, informing on new

designs or services. Knowing how a product is used in the field can help enterprises create value-added propositions around

that usage.

Of course, this information is only useful if the information gathered is reliable. If the product itself or the communications

channel is hijacked or tampered with, the value of that information is lost. Securing a trust framework is therefore a crucial

component of digital business. Trusted identities enable secure access control and authentication mechanisms to the smart

network and the interacting elements.

Not only does such a transformation reduce the planned obsolescence of a static product through more comprehensive

lifecycle management where services form the core of the offering, but by leveraging trusted identities, products can be

remotely upgraded, securely patched, and continuously managed over the course of commercial use. This is more than just

providing guarantees on the proper functioning of a product, but enabling added value after-market services.

Case Study: American StandardAmerican Standard is a heating and air conditioning manufacturer that is starting to pivot to a service-based model

for the smart home. The first step was connecting the HVAC appliances to a fully automated digital thermostat with

comprehensive controls for the home or business. The second step was connecting those smart thermostats to mobile

devices for the user to control, and to American Standard’s backend for servicing. The true digital transformation comes

with the service-based offering that is the Nexia Home Intelligence. This subscription-based offering allows monitoring

and control not just of HVAC devices, but also of lighting, cameras, and smart locks through either smartphones or a


web portal. The wireless capabilities are extended to enable a Z-Wave-based connection to more than 200 compatible

wireless home devices. With this new offering, American Standard is expanding from being a simple HVAC manufacturer

to offering much broader smart home management systems and associated services.

“The Move to Digital Transformation.” IDG Enterprise. March 17, 2016.

In this case study, an array of previously static, isolated products is transformed into intelligent devices operating on a smart

network. Their connectivity to the Internet, to smartphones, and to central management systems means that such products

become threat vectors in their own right. The imperative here is that the security mechanisms (such as authentication and

access control) must be deployed in order to protect against external agents. The appliances, their communications to the

network, the central management system, and the users accessing them must be tied together in an underlying security archi-

tecture, where only trusted identities can be legitimately allowed to function.

http://www.idgenterprise.com/resource/blog/the-move-to-digital-transformation/


The Impact of Digital Business within the Enterprise

Adapting to digital both internally and externally needs to be guided by a

corporate strategy and supported by a plan of action, where security and

a trust framework are incorporated at inception. A digital transformation

strategy must be defined at the top and deployed comprehensively through-

out the enterprise. The ultimate driver must be the decision-making C-level

responsible for ensuring that a secure digital transformation becomes a

strategic imperative underscoring all the company’s goals and objectives.

MARKETING & SALES

SYNC WITH PRODUCT DEVELOPMENT (ALM, DEVOPS)

INTERACTION WITH CUSTOMER SERVICE AND SUCCESS TEAMS

SUPPLY CHAINAT THE HEART OF DIGITAL

Managed ServicesCloud Mobile

BROKER CONTROL OF IT OPERATIONS TO:

IT as a business enabler New tools, more collaboration

Development

Deployment

Operations Application Lifecycle Management ALMAgileDevOps

Development and Operations

Development

Deployment

OperationsDevOps

MARKETINGAND SALES

ALM

SuccessTeams

CustomerService

ACTIONABLE INFORMATION ON PRODUCT DEVELOPMENT + SALES AnalyticsData

IT DEPARTMENT

Action Plan, Success Metrics, Relevant Milestones

DEFINE CORPERATE DIGITAL STRATEGY FOR ALL COMPANY (GOALS + OBJECTIVES)

CXO (C-LEVEL)


Transforming How We Work and Collaborate

Once the vision is in place and an action plan is developed, the strategy can be rolled out to the rest of the enterprise: IT ad-

ministration, product management, research and development, marketing and sales, customer support, and the supply chain.

Naturally, many of these new digital implementations need to provide a comprehensive and seamless experience for those

deploying it; which also must be in accord with the overarching corporate strategy. This is where automation and intelligent

systems play a central role. While each silo can micro-manage their tools and processes, they form a coherent part of the

overall digital architecture, ultimately enabling an intuitive functioning of previously disparate and unconnected divisions.

The corporate strategy should define how a secure digital transformation can be achieved company- wide, and include relevant

milestone and success metrics. Crucially, it needs to redefine the roles of various divisions, as a digital transformation means a

change not just in tools, but also in responsibilities.

IT ADMIN

For the IT administration, it means that they must move away from total management and delegate control of some of the

aspects, retaining the role of IT brokers. BYOD, cloud, and mobile apps have already taken control of some of these opera-

tions from admins and put it in the hands of employees. In a digital-first enterprise, IT sets the overall policy but can delegate

some of the micro-management to other users. Similarly, when employing DevOps, Application Lifecycle Management, or Agile

practices, IT admins will have to broker control of IT operations—including security—to these groups, but it can dictate the

overall IT strategy. Ideally, IT operations become a much more interactive process—essentially a business enabler helping the

business transform by leveraging new tools, and building new ways of servicing partners and customers. Admins will not be

able to retain total control over security, and therefore deploying a flexible trust infrastructure allows them to delegate some

of that security control to new digital security tools.

MARKETING AND SALES

With the advent of continuous lifecycle management, marketing and sales need to be in sync with product development and

management. With smart networks and connected products, they are able to better understand how clients are using products

and services, enabling them to create detailed profiles on each client and in time customize sales efforts for each individual use

case. Cloud apps and mobile tools have been key to unlocking such value for sales, making them more efficient and productive.

With such potential, marketing and sales can help inform the company’s overall strategy. This is especially important as a new

generation of users (i.e. millennials) use technology in radically different ways than the previous generation. Data and analytics

can provide actionable information not just to product development, but also to sales. Both silos can make use of the same


data streams to optimize the product, fine-tune delivery, and create and upsell new features, and effectively captivate the

customer.

However, these tools allow client insight into ever more confidential and sensitive data. Therefore, the implementation of a

trusted access environment for those making use of that data is necessary. A controlled and authenticated environment in

which sales can function is critical, requiring trusted identity and secure access to support it. Most importantly, security must

be frictionless, otherwise the value of these digital tools is lost completely.

SUPPLY CHAIN

One of the increasingly important elements of digital transformation is the supply chain, and this is where the trust infrastruc-

ture is critical. Enterprises need to keep in mind the ever-growing supply chain that comes with digital expansion, and the very

real threat vectors that they represent. More often than not, the supply chain is the weak link in digital business, and threat

actors have been highly successful in exploiting it.

Third-party service providers are at the heart of collaborative cloud platforms and mobile applications used within the digital

enterprise, and they unfortunately also provide a new point of entry for threats. Contractors and other supply chain players

are intrinsic to the integration of a new product or service offering that embraces the digital-first model. Consequently, trusted

identities and secure access must extend to them, and they need to be included in the overall digital strategy.


Avoiding the Pitfalls

It is crucial to understand that a bottom-up approach cannot drive a successful enterprise-wide digital transformation.

Localized digital initiatives develop within existing siloes that are often impermeable and therefore do not extend naturally to

other domains. Instead, they are more liable to exclude and make operations much more complex, adding uncertainty and

eliminating any potential benefits that could be derived from digital adoption.

This is why most enterprises fail at fully completing a digital transformation. They are unable to concretely implement a

digital-first strategy from the top down and cannot reconcile legacy processes with newer digital enhancements. It is

not simply a matter of replacing legacy with digital. The reality is that both contexts will continue to exist concurrently. Digital

starts with enhancing existing infrastructures, and in time, the aim is to replace some of those legacy functionalities. This

means that in the interim, both need to be addressed equally by a corporate strategy, and they must be able to integrate with

each other.

This rings true also for security measures and the extension of a trust infrastructure. A “hybrid” security model needs to

span legacy enterprise apps and emerging cloud and mobile environments. Benefits ascribed to digital technologies,

such as innovation, cost reduction, and productivity cannot be fulfilled if they are not harmonized securely with the

legacy infrastructure.


Focusing on Security

Critically, traditional security controls are no longer effective for digital business and the omission of adequate safeguards will

thwart any well-planned digital transformation. Next-generation security solutions are important to consider because they take

into consideration cloud and mobile and other emerging digital platforms that legacy platforms do not.

Cybersecurity, legacy, and next generation must be planned for in corporate digital strategies, forming a foundational element

alongside those of agility, business growth, competitiveness, and innovation. This will enable enterprises to accelerate their

digital transformation. As with other elements of change, transforming security to adapt with Business 2.0 means moving be-

yond just defensive and reactive safeguards to offensive and preemptive processes. With good security in place, enterprises

can more aggressively push toward becoming a true disrupter while minimizing the risk to the business. Above all, what is

needed, especially for the new cloud and mobile-centric architectures, is security at the point of use which can be delivered

with trusted identity and authentication for customers, employees, partners, and products.

Ultimately, security needs to be integral, adaptive, and responsive to the new digital ecosystem, but also continue to cater

to the legacy context. There are sunk costs that will not be easily discarded; nor should they. The difficulty is faced in how to

enable simple management of a complex technology in an increasingly heterogeneous environment. A framework of trusted

identities needs to be an intrinsic part of a cybersecurity fabric that is deployed throughout the enterprise, the supply chain,

and the client base.


What is Digital Trust?

The fundamental requirement, and the foremost security consideration, is trust. And because digital continues to evolve and

change rapidly, this trust exercise will happen frequently. Digital transformation is not just a one-time adaptation; it is a con-

stant evolution. Consequently, trust becomes a crucial concept, and it must start at the top before it can trickle down and take

root in all processes. Enabling digital trust allows enterprises to be bolder in trying to innovate and be first to market, and trying

to attain that leader position.

Unfortunately, the increasing visibility of cyberattacks and large-scale breaches erodes trust in digital, despite the fact that

many such attacks are in fact preventable. Enterprises and clients alike mistrust the ability of employees and organizations

to protect data in the face of growing cyberattacks. This state is compounded by the open nature of a digital transformation,

where many of the digital tools are created by third parties and hosted off-premise, and assets move in and out of the com-

pany’s perimeter, and therefore its control. Attacks coming through the supply chain are rife, and lend to this skepticism.

Despite this, digital technologies need to be trusted somehow in order for them to be used efficiently. This is where the

concept of digital trust emerges.


Trusted Identity as the Key to Digital Business Success

The foundational pillar of that trust lies in identity; whether that is of an employee, or a subcontractor, of a platform or an

application, of a device or an appliance. Digital trusted identities are the key to a successful digital transformation. Business 2.0

is enabled only by having a digital identity and authentication foundation in place.

Once an identity is trusted, other permissions can flow from it: authorization, access, control, management, etc. Moreover,

enterprises can re-invent processes to better serve customers. Many of the limitations in place today exist because digital

trust cannot be established. For example, limitations on withdrawing money at an ATM requires the customer to go personally

into the bank to withdraw more. Creating a digitally trusted identity can create a more seamless experience for the user, and

enable enterprises to improve productivity and cycle times, reduce costs, and develop a competitive advantage.

In fact, the concept of digital trust is changing the traditional identity and access management (IAM) discipline

into an identity relationship management one. The idea is not just to manage identities securely, but to do so as

efficiently as possible within the context of Business 2.0. The major difference with legacy IAM is that a vast number of

assets are now being included and they are as varied as they are numerous. Integrated, automated, and service-oriented

approaches will add to the difficulty of establishing identity, without forgetting the importance

of addressing both legacy and digital demands into new identity relationship management

systems. With a trusted identity, enterprises can be bold, but without it, they limit the business

potential and the level of innovation through newly introduced risks.

DIGITAL TRUST ARCHITECTURE

ACCESSTOOL

PROCESSESCTA

Analytics

ContentCreation

Data

Sensors

Connectivity

Automated

Interactive

DynamicPRODUCT

Alerting

Measurement

Patching

SERVICESControlUpdate

Management

PEOPLE

Client

Employee 3rd Party

Smart phone

Desktop

Web Cloud

TRUST

AUTHORIZATION

IDENTITY

With a trusted identity, enterprises can be bold, but without it, they limit the business potential and the level of inno-vation through newly introduced risks.


The feat seems herculean and yet it need not be. Digital trust and the underlying framework can be implemented

reasonably. Digital trust providers can help build that architecture and deploy it enterprise-wide, provisioning users,

streamlining and securing access to devices, apps, and sites. Next generation authentication solutions can help build that trust

into digital transformation, and ensure a frictionless user experience.

Future success, increased revenues, greater market share, and a leading competitive strategy can be achieved by ensuring

that digital trust forms an intrinsic part of an enterprise’s digital transformation strategy.

Entrust Datacard is one such enabler within the trust framework providing solutions help secure the move to cloud,

mobile, and IoT. Serving the world’s most demanding organizations for over two decades, their trusted identity solu-

tions include a comprehensive suite of advanced authentication and identity analytics that leverage mobile and cloud to

address the needs of today’s digital business demands. Most importantly, Entrust Datacard provides that vital cover-

age of both legacy and digital, allowing for comprehensive integration between the two. Whether an enterprise wants to

avail itself of a traditional on-premise deployment, a virtual appliance, or cloud service, Entrust Datacard offers the

ability to build an all-inclusive trust framework. Their goal is to cater to a wide range of use cases, whether internally or

B2X. This means the Entrust Datacard authentication solutions are able to evolve alongside an enterprise’s digital trans-

formation. In addition, Entrust Datacard ensures that the trust architecture can be managed seamlessly, despite the

increasing complexity that may result from digital change.

Fundamentally, Entrust Datacard secures digital identities in an ever-changing corporate environment. This prerequisite is

the foundation of digital trust, upon which visibility and transparency can be established, and from which a successful digital

transformation can be launched.

www.abiresearch.com

Published January 18, 2017©2017 ABI Research

249 South Street

Oyster Bay, New York 11771 USA

Tel: +1 516-624-2500

www.abiresearch.com

Entrust Datacard, Entrust, the hexagon, and Trusted Identities Secure Transactions are trademarks, registered trademarks and/or service marks of Entrust Datacard Corporation in the United States and/or other countries.

© 2017 ABI Research • abiresearch.com • No part of this document may be reproduced, recorded, photocopied, entered into a spreadsheet or information storage and/or retrieval system of any kind by any means, electronic, mechanical, or otherwise without the expressed written permission of the publisher.

Exceptions: Government data and other data obtained from public sources found in this report are not protected by copyright or intellectual property claims. The owners of this data may or may not be so noted where this data appears.

Electronic intellectual property licenses are available for site use. Please call ABI Research to find out about a site license.

an imperative for digital transformation...business 2.0: new opportunities, markets, and offerings...

Documents