Identity Protection as a Service (IDaaS): Is Your Data While in Motion Riskier Than Your Data at Rest?

data-in-motion-wikiAs individuals, we are used to protecting our digital assets on our home computer, in our home, and in our workplace.   But when we hit the road as road warriors or seasoned travelers, we expose ourselves to potential threats that we are not always prepared for, even for the wariest of digital natives.

I read recently an article on how loyalty programs can deepen traveler engagement, improve profits and drive brand allegiance.  But it is not just loyalty programs that bring benefits in this digital age but traveler protection programs, specifically in the form of identity protection.  The travel industry, as well as insurers and corporate travel organizations, are starting to see the benefit of educating high-worth individuals in protecting their digital assets.  I call this identity protection as a service (IDaaS), and the trend here is to provide this in a business context as part of relationship-building between organizations and their high-value clients.   Yes, consumer identity theft protection programs have been around for quite a while, but this is focusing on those traveling for business and exposing data assets while in motion.

I recently did a “test drive” of such a personal identity protection solution, thanks to Generali Global Assistance (GGA) letting me have a look and feel of their Iris Identity platform.  There are many consumer-oriented solutions out there, but this one was unique in that it tries to not only protect the business individual but educate them on the risks that exist as well as focus on rapid and high touch service in the remediation.  The Iris solution is unique to their platform, and their system continually scans the Internet and alerts you if suspicious activity is found. They are searching for compromised credentials and potentially damaging use of your personal information, detecting fraud and providing alerts so you can take immediate action. The high-end aspect of this service is the 24/7 remediation services and their certified identity theft resolution specialists.  The solution also provided a resources area in the dashboard for articles and information about protecting yourself from identity theft.

As a user, you start by logging into the identity monitoring dashboard and provide a number of identity pieces of information, such as your social security number and date of birth. The more information you provide; the more data they can comprehensively monitor on your behalf. But there is the kicker, and I chose to provide a limited set of data.  Because I am not a trusting soul, I wanted to see what it did with my data before I went any further.   The good news is that a month and then two months later, I received my monthly Identity Status Reports which reassured me I was low-risk, and gave me several articles to read on identity protection to be better informed of issues and trends.  My low risk status may be based on my travel patterns and data habits while traveling, and it also might be that my data sets are outliers as I am a resident overseas, therefore not the usual kinds of data fraud occur with my data set. In working with another Know Your Customer (KYC) solution provider recently, I also had an overview of the kinds of data correlations in use in banks and other institutions looking for fraudulent data usage in a business context, and I could see what kind of data correlations would lead to potential exposure issues, and have changed some of my own data habits as a function of this insight.

I can see where this kind of IDaaS service solution can be beneficial to creating a trusted relationship between a service provider and a high worth individual (one who stands to lose significantly in an identity breach).   I can also see the need for education in business travelers, especially those not actively in the technology business sector, who may not be aware of best practices to protect themselves.  If something like this can both protect and educate, the benefits are longer lasting.

In that light, I recently read an article on way to stay secure while traveling , which was pointing out eight tips for travelers. I want to point out that the first one I disagree with in that relying on a password alone to protect yourself in this day and age is too soft for protection.   Authentication is critical in protecting your digital assets, and exposure of your digital assets should be like packing for a trip: pack light and efficiently.  The last point of this article focuses on the fundamental point of changing business user behavior when it comes to digital asset protection, especially when we are so focused on so much of our personal data on a device, even if the data is stored in a cloud.

I recently had a visit from an old friend who is a VP of Engineering in Silicon Valley, and he had access to everything for his trip via his iPhone, including his hotel and car reservation, directions, agenda, photos, business contacts, mail access, etc. He had nothing printed out, which made him green and environmentally conscious. But had his phone been taken while visiting with me overseas, he would have not only been severely disrupted in his trip, but made fundamentally uncomfortable for the rest of his business trip because even he received a new device, he would not know the ramifications of the potential of the data loss to both the business and to himself of the missing device for several months.  It is now worse than losing your wallet or purse, given the amount of personal and corporate information your device has had access to during a prolonged period.

For me, IDaaS is leading us to one I had predicted several years ago, which is personal data protection as a service (PDaaS).   This is where all of your identifiable data (from birth certificates onwards) is managed for you by a third party provider who is bonded and has the necessary audit ability for you to take a job in certain industries (e.g. defense, media, politics….?).    We already have reputation managers who can audit your persona online as to what is being said about you and by whom.

Is IDaaS perhaps a bit too much like Big Brother watching over you, or watching out for you? Given what is known about you already, it may be actually a better option than constantly watching your back to wonder what is happening with your data without you knowing while in motion.

About Dr. Alea Fairchild

Dr. Alea Fairchild is an Entrepreneur-in-Residence at Blue Hill Research. As a technology commentator, she has a broad presence both in the traditional media and online. Alea covers the convergence of technology in the cloud, mobile, and social spaces, and helps global enterprises understand the competitive marketplace and to profit from digital process redesign. She has expertise in the following industries: industrial automation, computer/networking, telecom, financial services, media, transport logistics, and manufacturing. Her clients are both commercial, government / public sector, NGO and trade associations. Dr. Fairchild received her Ph.D in Applied Economics from Limburgs Universitair Centrum (now Univ. Hasselt) in Belgium, in the area of banking and technology. She has a Masters degree in International Management from Boston University/Vrije Universiteit Brussel, Brussels, Belgium, and a Bachelors degree in Business Management and Marketing from Cornell University, Ithaca, New York. She is a masters Olympic weightlifter for Belgium, having won many international medals.
Posted on November 9, 2016 by Dr. Alea Fairchild

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Latest Blog

VMware's Industry Analyst Day Highlights Drive Toward "Consumer Simple, Enterprise Secure" Voice Continues to Dominate: Apple Releases HomePod, Broadens Siri's Reach IBM and Cisco Systems Team Up for Integrated Cybersecurity Solution, Services, and Threat Intelligence

Topics of Interest

Advanced Analytics

AI

Analytics

Anodot

Attunity

authentication

BI

Big Data

Blog

Business Intelligence

Cloud

Cognitive Computing

Corporate Payments

Data Management

Data Preparation

Data Wrangling

DataKitchen

DataOps

DataRobot

design

design thinking

Domo

Emerging Tech

enterprise applications

Enterprise Performance Management

enterprise video

fog computing

General Industry

GoodData

GRC

Hadoop World

Human Resources

IBM

IBM Interconnect

Iguazio

ILTACON

Informatica

Information Builders

innovation

Internet of Things

IoT

knowledge

legacy IT

Legal

Legal Tech

Log Data

Machine Learning

Managed Mobility Services

Microsoft

Mobility

Nexla

Order-to-Cash

passwords

Pentaho

Podcast

Predictive Analytics

Private Equity

Procure-to-Pay

Qubole

Questioning Authority

Recurring Revenue

Risk Management

ROI

Sales Enablement

Salesforce

Security

service desk

Social Media

Strata

Striim

Supply Chain Finance

Switchboard Software

Tableau

Talend

Tangoe

Telecom Expense Management

Time-to-Value

Trifacta

TWIDO

Unified Communications

usability

USER Applications

User Experience

User Interface

video platform

Virtualization

Visualization

Wearable Tech

Yellowfin