In a recent post, I discussed the journey to automation and the steps for implementing a Robotics Process Automation (RPA)-capable automation platform. Here, I’ll cover the first of those steps, which is to establish an identity relationship management (IRM) platform that encompasses people, locations, roles and – with the advent of the internet of things (IoT) – devices, apps and other “things.” Each of these dimensions needs to be assigned an identity across a network, and each intersect to define privileges – things such as identity and what you can access, including the services you can consume and the types of devices that make sense for you. When you think about services, you’re really thinking about the engagement model that’s most appropriate for each of these services.
How do we attenuate the various dimensions of your identity to deliver the most appropriate service, maintain productivity and manage or encourage – not only limit – the use of technology to be more productive? The objective is to leverage a platform that provides a quick, appropriate and flexible experience for each of those customers. The goal of understanding not only your identity but also your role, your location, your device and your applications is to be adaptable vs. restrictive. Today, the standard use case in the industry is to establish a limited service catalog that is used to manage the device domain, but it doesn’t serve in any way to manage some of the more expensive elements of costs: the device is the smaller part of total cost of ownership (TCO), it’s the support and services that overwhelm the cost equation.
The next objective is to think about how we drive productivity, which transforms into top line revenue instead of taking the blinders-on approach we use today that’s focused around reducing operating expense. In order to deliver that, we have to get to the concept of dynamic intelligence rather than static intelligence – and that’s the difference between IRM and service catalog.
This now requires us to think about identities in this broader sense. What does that compare with? Today, when companies think about identity they think about Active Directory, LDAP or Single Sign-on. Their most important asset, their people, is lost because these three traditional approaches really only understand people and access. They don’t have the capacity or they aren’t appropriately leveraged to understand the balance of the dimensions I described above. And it needs to be done at internet scale, it has to be borderless, meaning it has to understand things both inside and outside the domain, and it has to be modular because it now has to understand cloud and SaaS, as well as those things inside the enterprise.
As an example, your identities with Amazon, Google or Facebook, or even your network carrier, are a hybrid between your security (your identity, password, credit card information and address) and the transactions you’ve processed on those services. For Amazon, it’s the things you’ve bought and where you’ve shipped them, for Google it’s the services you’ve used, the activity and locations they’ve captured, and for the carriers it’s the people you interact with, the numbers you dialed, the addresses you’ve emailed and the net traffic they’ve seen. This all gets layered on top of a user’s identity, password and payment information. But today, traditional IT only thinks about it around your name, password and the applications you have access to.
How does this limited information, this mass ecosystem of technology you interact with, really help make you more productive and improve your experience? We can think about it in terms of the digital companies that are literally reshaping our world. In Facebook, for example, your identity is not only your user ID and password, but also the groups you belong to, the people you interact with and the ads you click on, and that’s why identity is the basis of future automation. RPA doesn’t have the benefit of the cognitive interaction that humans add to the equation: You can have a conversation with me and listen to my tone and process the information, and when I mention Google or Amazon you understand what I mean, but if you just have those terms in a row of data it doesn’t understand what that is. To have automation work for you, you’ve got to provide a much richer identity for each person, each device, each application and each location so that robotics will have the context to understand how best to serve you.
Key Steps to Follow
The first step is to create the concept of global IDs for the various dimensions in the ecosystem. Every person, device, application and location needs a global ID, a unique identifier for each.
Next, you need to do Discovery and Correlation. Once you have a single global ID for users and devices, and so on, and you’ve propagated those across all the electronic systems you interact with, you then need to be able to bring all that back and correlate it. When you do, you get the intersection – in other words, this user has this role at this location, uses these devices, these applications and these services. This lets you understand how many devices are being used, what types of services are being accessed and how often (consumption rate).
Once you understand that, there is some amount of information that in the enterprise today can’t be electronically discovered, so it needs to be collected. That data is sometimes collected with data feeds, sometimes with surveys, and sometimes with focus groups. The challenge with simply surveying and running focus groups is that the base information around characteristics of an organization are not apparent yet, which is why we precede it with the Discovery step. The challenge with collected data is that it becomes stale almost immediately after it is collected. For that reason, ecosystems and platforms that deliver this need to include an ability for users to self-maintain that data. LinkedIn is great example of an application that empowers users to add their own information.
All of these examples are right before our eyes, we interact with them every day. Yet so far we’re not making the correlation between what we’re seeing and what we need to do. And that’s the challenge.
Next I’ll discuss how to mesh people actors, machine actors, client systems and partner systems through digital services integration. In the meantime, I look forward to your comments and questions.