Evolving ID delegation for the digital age: building supply chain trust

To survive in today’s fast-paced business environment, digital transformation has become the status quo. So much so that 47% of UK organisations fear they will become less relevant if they fail in their efforts to transform digitally. With the necessity to innovate at an all-time high, companies are now relying on suppliers and partners for business-critical components and a competitive advantage, ultimately meaning that more third parties are interacting with an organisation than ever before.

This shift has led to a changing cyber-attack surface. As employee access controls have evolved, cybercriminals are looking beyond traditional methods to breach an organisation’s defences, increasingly targeting vulnerable third party access points. In fact, recent research revealed that there has been a 50% rise in third party data breaches over the last year. As such, it’s more important than ever that companies establish relationships of trust with their suppliers – but in most cases this is easier said than done.

With that in mind, electronic delegation has the potential to dramatically impact how companies build these relationships across both the public and private sector. Digitising delegation to secure and manage the supply chain can not only support complex scenarios, but also build accountability. Here’s how it can be done.

Digitising delegation

Delegating rights and roles is an essential part of our daily lives and our economy. For example, we delegate our financial matters to accountants, legal matters to lawyers and estate matters within families through power of attorney. In the offline world, this delegation takes place via signed or co-signed documents, and often notarised. Occasionally, in-person visits to a local bureau are mandated. These centralised methods of physically establishing delegation rights are costly, slow, inconvenient, and do not scale well.

Moving delegation to the digital level creates an opportunity for businesses to decentralise and solve these problems. It not only increases security, but also reduces cost, speeds up administrative processing, is much more convenient for both the source and target of the delegation, and scales to internet levels.

Electronic delegation can take complicated admin-heavy workflows and make them simpler and less expensive for all involved. Yet when it comes to digitising delegation, whether to secure the supply chain or reduce admin-heavy workflows, few organisations are using it and few technology providers get it right.

Managing user roles and rights

Identity & Access Management (IAM) solutions by definition manage user roles and their rights to protected resources – systems, networks, documents, data, among others. All IAM solutions should provide some level of delegated administration – a function that allows users to create and manage other users.

However, to meet intricate real world needs such as managing the supply chain, electronic delegation needs to be able to support complex situations where individuals delegate to individuals, and/or individuals delegate to organisations (and vice versa), and/or organisations delegate to organisations.

Electronic delegation across industries

There are a variety of ways electronic delegation is already being used across a number of industries, which can all be applied in a similar way to supply chain security.

For example, if we consider the nationwide platform for tax submissions currently in place in Finland, citizens or company officers can delegate the roles needed for the various government tax submissions. Multifaceted hierarchies and auditable power of attorney are supported, for instance CEOs delegate to CFOs, who in turn delegate to external parties responsible for specific submissions, who in turn delegate role-based access to their team members.

Moreover, within the energy industry where there are countless third parties involved, delegation can support hierarchical access to energy contracts and details, such as tenants in housing associations controlling their energy ‘mix’, then landlords delegating access to the energy company. Delegation allows access to energy details in hierarchical ownership or tenancy structures (tenants in housing associations being a prime example). Management rights for energy supply and usage can be forward delegated to landlords, who in turn delegate to tenants.

The future of electronic delegation

Innovation is now driving both the adoption of electronic delegation and the creation of new services that use delegation at its core. Concepts like electronic “Right to Represent” is, at the highest level, a mechanism that allows the assertion of rights and the delegation of some or all those rights to other identities, such as one organisation checking the NDA signatory rights of the individual signing the NDA as a representative of another organisation.

Crucially, electronic delegation and services built around delegation concepts will become increasingly widespread as companies look to secure third party access points within their supply chains. And when embraced it can offer cost savings, auditable security and allow complex processes to scale.

Website | + posts

Simon is responsible for the planning, communication and delivery of Ubisecure’s overall vision and corporate strategy. Simon is the key evangelist for the organisation and has delivered several keynotes at cybersecurity and digital identity events. Prior to joining Ubisecure, Simon was CTO at GMO GlobalSign.

Unlocking Cloud Secrets and How to Stay Ahead in Tech with James Moore

Newsletter

Related articles

Investment Opportunities for Startups and Technologies in AI 

Although artificial intelligence developed from niche technology has become...

Four Surprising Lessons I’ve Learned Leading Tech Teams

Techies. Geeks. Boffins. Whatever your organisation calls its IT...

A Business Continuity Cheat Sheet

Right, let's be honest. When you hear "business continuity,"...

Challenges of Cloud & Ultima’s Solution to Transform Business

With the way that AWS and Microsoft dominate technology...

Data privacy concerns linger around LLMs training

We have all witnessed the accelerated capabilities of Large...