Welcome!

IBM Cloud Authors: Yeshim Deniz, Elizabeth White, Pat Romanski, Liz McMillan, Stefan Bernbo

Blog Feed Post

The Role of Cloud Identity in Mobile Device Security

ipad-doctor

This post is sponsored by Good Technology.

The third and most recent in the series of white papers from Canada Health Infoway, the standards body for E-Health in the country, is Mobile Computing in Clinical Settings.

Transformation through Enterprise Mobility

This details a complete description of best practices for an enterprise mobility strategy including MDM (Mobile Device Management) and related security aspects,  and provides an insightful review of how enterprise mobility can dramatically enabled business transformation.

One case study example described is Ottawa Hospital, who have been equipping doctors with iPads, a ‘virtual clipboard’ if you like that can support decision-making in real-time, via a device convenient and practical for these demanding environments.

They can even be flipped to then act as an educational tool too.

ipad-doctor2

Identity-enabled Integration

Ottawa is also using IBM middleware to integrate with back-end systems. Without this integration the device would really only be useful for Fruit Ninja, which while fun won’t help speed healthcare treatment.

These scenarios capture exactly how important integration is, because to add any real value the doctor needs to access not just patient EMR systems, but also the broader estate of IT systems within the patients ‘Circle of Care’.

And of course in this day and age the Web is equally crucial; they want to be able to Search and find decision-support information from across a multitude of online libraries and news sources relevant to their field.

This means they need to build access not just to their own systems, but also those that lie outside of their own IT environment.

A critical dimension to this is Identity – If they have to provide a username and password for each of these transactions the ease of use of the device is quickly going to diminish meaning the likelihood of continued adoption also dies, and the CHI paper describes the latest cutting edge best practices for this:

From page 45 they describe:

Considerations for Privacy and Security

Organizations should consider the use of a ubiquitous identity credential and authentication mechanism(s) for mobile devices and mHealth apps. The identity credentials would be used for access to HDO information systems, as well as mobile apps.

A common or federated authentication technique across mobile or cloud based apps and systems will provide for an increased and uniform level of confidentiality.

Consideration should be given to cloud based Software as a Service (SaaS) Identity Management capability available for the issuance and management of common or federated identity credentials. Federated credentialing can be device based or device independent.  

Harmonization or federation of device, mobile app and health care organization system authentication schemes is recommended.  

In a BYOD context where several device platforms are supported, consideration of ubiquitous identity credentials that are mobile platform independent is recommended.”

They describe the use of developments such as the HIMSS mobile toolkit for personalizing these solutions to Healthcare.

Federated Identity

The backbone of Cloud Identity is federated identity, referenced by CHI as above, and also described in their other white papers.

On page 16 of their first introduction to Cloud Computing for Healthcare, they show ‘F/IDM’ (Federated Identity Management) to be the foundation to integrated services delivered from Cloud Providers.

Federated Identity Management is where the Identity authentication systems like Active Directory, are connected and synchronized, so that you don’t have to repeatedly enter your username and password for each domain they control access to.

‘Cloud SSO’ (Single Sign-on) is where this effect is achieved across Cloud environments and applications, meaning that in scenarios like Ottawa, it will facilitate the cross-domain authentication required, smoothing access for doctors not just to their own systems, but all of the organizations required to provide a complete circle of care.

This post is sponsored by Good Technology.

The post The Role of Cloud Identity in Mobile Device Security appeared first on Cloud Computing Best Practices.

Read the original blog entry...

More Stories By Cloud Best Practices Network

The Cloud Best Practices Network is an expert community of leading Cloud pioneers. Follow our best practice blogs at http://CloudBestPractices.net

IoT & Smart Cities Stories
Apps and devices shouldn't stop working when there's limited or no network connectivity. Learn how to bring data stored in a cloud database to the edge of the network (and back again) whenever an Internet connection is available. In his session at 17th Cloud Expo, Ben Perlmutter, a Sales Engineer with IBM Cloudant, demonstrated techniques for replicating cloud databases with devices in order to build offline-first mobile or Internet of Things (IoT) apps that can provide a better, faster user e...
In his keynote at 19th Cloud Expo, Sheng Liang, co-founder and CEO of Rancher Labs, discussed the technological advances and new business opportunities created by the rapid adoption of containers. With the success of Amazon Web Services (AWS) and various open source technologies used to build private clouds, cloud computing has become an essential component of IT strategy. However, users continue to face challenges in implementing clouds, as older technologies evolve and newer ones like Docker c...
The Founder of NostaLab and a member of the Google Health Advisory Board, John is a unique combination of strategic thinker, marketer and entrepreneur. His career was built on the "science of advertising" combining strategy, creativity and marketing for industry-leading results. Combined with his ability to communicate complicated scientific concepts in a way that consumers and scientists alike can appreciate, John is a sought-after speaker for conferences on the forefront of healthcare science,...
Disruption, Innovation, Artificial Intelligence and Machine Learning, Leadership and Management hear these words all day every day... lofty goals but how do we make it real? Add to that, that simply put, people don't like change. But what if we could implement and utilize these enterprise tools in a fast and "Non-Disruptive" way, enabling us to glean insights about our business, identify and reduce exposure, risk and liability, and secure business continuity?
To Really Work for Enterprises, MultiCloud Adoption Requires Far Better and Inclusive Cloud Monitoring and Cost Management … But How? Overwhelmingly, even as enterprises have adopted cloud computing and are expanding to multi-cloud computing, IT leaders remain concerned about how to monitor, manage and control costs across hybrid and multi-cloud deployments. It’s clear that traditional IT monitoring and management approaches, designed after all for on-premises data centers, are falling short in ...
"The Striim platform is a full end-to-end streaming integration and analytics platform that is middleware that covers a lot of different use cases," explained Steve Wilkes, Founder and CTO at Striim, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
"MobiDev is a Ukraine-based software development company. We do mobile development, and we're specialists in that. But we do full stack software development for entrepreneurs, for emerging companies, and for enterprise ventures," explained Alan Winters, U.S. Head of Business Development at MobiDev, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
The deluge of IoT sensor data collected from connected devices and the powerful AI required to make that data actionable are giving rise to a hybrid ecosystem in which cloud, on-prem and edge processes become interweaved. Attendees will learn how emerging composable infrastructure solutions deliver the adaptive architecture needed to manage this new data reality. Machine learning algorithms can better anticipate data storms and automate resources to support surges, including fully scalable GPU-c...
As IoT continues to increase momentum, so does the associated risk. Secure Device Lifecycle Management (DLM) is ranked as one of the most important technology areas of IoT. Driving this trend is the realization that secure support for IoT devices provides companies the ability to deliver high-quality, reliable, secure offerings faster, create new revenue streams, and reduce support costs, all while building a competitive advantage in their markets. In this session, we will use customer use cases...
Machine learning has taken residence at our cities' cores and now we can finally have "smart cities." Cities are a collection of buildings made to provide the structure and safety necessary for people to function, create and survive. Buildings are a pool of ever-changing performance data from large automated systems such as heating and cooling to the people that live and work within them. Through machine learning, buildings can optimize performance, reduce costs, and improve occupant comfort by ...