In many organizations, users have different personas. A HR manager, for instance, has a persona as a HR manager, but also as an employee and perhaps even a third persona for legal matters. Depending on these personas, other access rights and privileges apply. TrustBuilder’s multi-persona authentication allows users to use the same identity for different personas with different attributes and access rights. Multi-persona authentication increases user experience and decreases the complexity of user administration.
What would you prefer: create a new identity for each possible role a user can have in an organization? Or combine different personas into one identity, allowing users to always authenticate with the same credentials? Multi-persona authentication provides the answer.
Many organizations solve the multiple persona puzzle by creating different accounts for each individual persona, thus requiring users to use different username/password combinations for each separate account. Each account has different permissions and it is left up to the user to remember what account to use for what persona. Having these different accounts linked to the same individual, makes identity management overly complex.
Multi-persona authentication does away with this complexity, allowing users to authenticate with the same credentials for each persona. The security policy can lay out what authentication method is required for what persona. On the administration side, multi-persona authentication makes onboarding, offboarding and persona management more transparent, saving time and effort.
With multi-persona authentication, users are not forced to remember different credentials. This enhances security for the organization and convenience for the users. They can use one identity with the same set of credentials for each persona. And they can link multiple authentication methods to each persona. As an employee, they can use their company username and password. For their management role, requiring a higher level of authentication, they can link multi-factor authentication to their identity.
Creating and administering multiple identities for one and the same individual is a hassle for IAM administrators. At onboarding, multiple identities need to be created. And when a person leaves the organization, admins need to ensure that all identities for that one individual are deactivated. With multi-persona authentication all administrators need do is create one identity with multiple personas and define the right attributes and access privileges for each persona. At offboarding, only one identity needs to be deactivated. This eliminates risk and saves time and effort.
Multi-persona authentication plays a key role in making delegated access management possible. It allows to give authorization or delegation power to users to access or manage data or consent of other users. This is also important in setting up approval flows, for instance for the approval of holiday requests or expense claims.
One individual can act as many personas inside an organization
In real life, an individual has many personas: a daughter, a sister, a mother, a spouse, a sister-in-law, a president of the tennis club, a volunteer in an NGO, etc. As in real life, the same happens in any industry. Multi-persona authentication delivers advantages to any type of activity.
As described above, an employee may have different personas inside an organization. As a manager, he may have to approve expenses, holiday requests, etc. But he also needs to request holidays himself, acting as an employee. In many organizations, this requires users to constantly log in and log out, depending on the task they are about to perform. Multi-persona authentication allows them to log in with one set of credentials.
In a higher education environment, the same person can be seen as two different personas: as an alumnus or as a staff member. Depending on the persona, the user has rights to access different applications and documents.
In the case of a hospital, one and the same person can be both a patient or a nurse. Or a patient and an external healthcare provider. The sensitive nature of personal data used in medical environments requires the strictest security. Multi-persona authentication allows people to use the same identity to access different data.
A government administration may recognize a citizen as an employee of a company, but also as the owner of another company or the representative of an association. For both the user and the government agency, allowing multiple personas combined in one identity reduces security risk and enhances customer experience.
Engage in a chat with our product people to discuss IAM trends and challenges, and our solutions.
Take our Maturity Assessment to find out how you can accelerate your digital transformation.
Experience the power of TrustBuilder.io Suite through a demo, personalized to your challenges.
Visit our offices, send us a mail, call us, or simply fill out a contact form.