Communications of the Association for Information Systems


As organizations extend the online delivery of services and data across departmental, organizational, and even jurisdictional boundaries, they must trust that they can identify and authenticate the customers, businesses, employees, and third parties using them. Traditional approaches to identity management (IDM), such as documents, clearly don’t work in the online world, yet to date there is no online equivalent of the passport or photo-id. Instead, organizations have established their own identity management practices. As a result, IT managers are looking for more holistic and standardized IDM practices that could simplify access to multiple services and enable organizations to collaborate and cooperate across global organizational boundaries, as well as keep identity information secure and private. This article explores these IDM challenges and how managers are approaching this issue. It discusses the key management components of IDM looking first at the basic concepts of IDM, its essential elements, and organizational stakeholders. Next, it examines why IDM is increasingly a business concern, in addition to an IT concern and describes the key IDM challenges facing IT managers. It then distils key principles of effective IDM and makes recommendations for how IT managers can improve on their current IDM efforts.