The problem that IDs are not managed uniformly

I think the IDaaS (Identity as s Service) market is suddenly getting hot and competition is accelerating. Meanwhile, Okta announced that it will acquire Auth0 for about 700 billion yen ($ 6.5 billion). As mentioned in the ZDNet article that reported this news, I think that some clouds will become the basis of the IT environment of enterprises in the future, and it will be identified. One of them is IDaaS. Furthermore, I think the time will come when you can choose from one or two types of clouds for each field. At least, Microsoft 365 and Google Workspace are the major cloud services as comprehensive business tools used by companies. There are other fields such as Zoom for web conferencing, Slack for chat, Box for cloud storage, VMware Workspace One (formerly Air Watch) for device management, etc., but of course there are a number of vendors that can be offered omnidirectionally. Is limited. On top of that, in this era of cloud heyday, while continuous updates are indispensable, the number of companies that can have enough resources, so-called people, goods, and money, is limited even in a specific field. Will be done. In that respect, the IDaaS market also seems to understand why Okta, which has to deal with IT giants Microsoft and Google, has invested a huge amount of money to acquire Auto0. While Microsoft and Google provide comprehensive tools, we can see the composition that only one or two companies with great strengths in a specific field can compete. I have mentioned many times in this series that ID is important not only for Device as a Service (DaaS) but also for “As a Service”. Services are what we provide to people. On the highly anonymous Internet, IDs are essential to provide the right services to the right people. It is said that the idea of ​​zero trust, which strictly verifies this ID every time a service or data is accessed, is indispensable to prevent the recent sophisticated cyber attacks. In addition, SSO (single sign-on) provided with IDaaS provides an essential function called MFA (multi-factor authentication) not only for improving user convenience but also for security. In the world where various things will be replaced by digital and provided as a service via the cloud, IDaaS can be said to play a central role. This move will accelerate, giving us a glimpse of Okta’s great ambitions. I also see Microsoft’s acquisition of LinkedIn as an attempt to provide services not only within the enterprise but also across the enterprise in the competition in the identity market. IDaaS is still a market with many potentials and will continue to be explored. In the previous article, I mentioned that the government’s “GIGA School” recommends the use of DaaS when considering the overall operation such as device refurbishment (reuse process). He also mentioned that there is a problem with important IDs in DaaS at GIGA School. In the field of education, Microsoft (Teams) and Google (Meet) are now dressed as tools for online lessons, and their adoption is left to the discretion of each local government. Different tools are used, which means that each municipality has a different ID. It would be nice if the degree was different depending on the local government, but the management level is also left to the local government. Therefore, some local governments collect IDs all at once, while others leave it to each school. In addition, although the ID is for identifying a person, due to the expanded interpretation of the Personal Information Protection Law that is often seen in Japan, there are places where the ID name is attached by grade, class, or attendance number so that the person cannot be identified. That’s right. This means that if you advance, you will be assigned a different ID again. This makes the ID meaningless as an ID. I don’t feel the idea that there is data or security associated with the ID at all.