Welcome!

Websphere Authors: Kevin Benedict

Blog Feed Post

The Role of Cloud Identity in Mobile Device Security

ipad-doctor

This post is sponsored by Good Technology.

The third and most recent in the series of white papers from Canada Health Infoway, the standards body for E-Health in the country, is Mobile Computing in Clinical Settings.

Transformation through Enterprise Mobility

This details a complete description of best practices for an enterprise mobility strategy including MDM (Mobile Device Management) and related security aspects,  and provides an insightful review of how enterprise mobility can dramatically enabled business transformation.

One case study example described is Ottawa Hospital, who have been equipping doctors with iPads, a ‘virtual clipboard’ if you like that can support decision-making in real-time, via a device convenient and practical for these demanding environments.

They can even be flipped to then act as an educational tool too.

ipad-doctor2

Identity-enabled Integration

Ottawa is also using IBM middleware to integrate with back-end systems. Without this integration the device would really only be useful for Fruit Ninja, which while fun won’t help speed healthcare treatment.

These scenarios capture exactly how important integration is, because to add any real value the doctor needs to access not just patient EMR systems, but also the broader estate of IT systems within the patients ‘Circle of Care’.

And of course in this day and age the Web is equally crucial; they want to be able to Search and find decision-support information from across a multitude of online libraries and news sources relevant to their field.

This means they need to build access not just to their own systems, but also those that lie outside of their own IT environment.

A critical dimension to this is Identity – If they have to provide a username and password for each of these transactions the ease of use of the device is quickly going to diminish meaning the likelihood of continued adoption also dies, and the CHI paper describes the latest cutting edge best practices for this:

From page 45 they describe:

Considerations for Privacy and Security

Organizations should consider the use of a ubiquitous identity credential and authentication mechanism(s) for mobile devices and mHealth apps. The identity credentials would be used for access to HDO information systems, as well as mobile apps.

A common or federated authentication technique across mobile or cloud based apps and systems will provide for an increased and uniform level of confidentiality.

Consideration should be given to cloud based Software as a Service (SaaS) Identity Management capability available for the issuance and management of common or federated identity credentials. Federated credentialing can be device based or device independent.  

Harmonization or federation of device, mobile app and health care organization system authentication schemes is recommended.  

In a BYOD context where several device platforms are supported, consideration of ubiquitous identity credentials that are mobile platform independent is recommended.”

They describe the use of developments such as the HIMSS mobile toolkit for personalizing these solutions to Healthcare.

Federated Identity

The backbone of Cloud Identity is federated identity, referenced by CHI as above, and also described in their other white papers.

On page 16 of their first introduction to Cloud Computing for Healthcare, they show ‘F/IDM’ (Federated Identity Management) to be the foundation to integrated services delivered from Cloud Providers.

Federated Identity Management is where the Identity authentication systems like Active Directory, are connected and synchronized, so that you don’t have to repeatedly enter your username and password for each domain they control access to.

‘Cloud SSO’ (Single Sign-on) is where this effect is achieved across Cloud environments and applications, meaning that in scenarios like Ottawa, it will facilitate the cross-domain authentication required, smoothing access for doctors not just to their own systems, but all of the organizations required to provide a complete circle of care.

This post is sponsored by Good Technology.

The post The Role of Cloud Identity in Mobile Device Security appeared first on Cloud Computing Best Practices.

Read the original blog entry...

More Stories By Cloud Ventures

The Cloud Ventures Network is an expert community of leading Cloud pioneers. Follow our best practice blogs at http://CloudBestPractices.net