Building a Modern Identity Fabric

In a recent VentureBeat article, Gartner senior director analyst Henrique Texeira remarked,  “The identity infrastructure in most organizations is too brittle to survive a targeted attack. Over 80% of organizations have suffered an identity-related breach in the last 12 months. [This] fragility is in large part related to incomplete, misconfigured or vulnerable elements in the identity fabric.” 

Typically, when people discuss identity fabric, they often focus on it from a security perspective. However, that's just the basic requirement – identity fabric is equally crucial for your business, much like the Domain Name System (DNS) is for the Internet. 

Identity fabric as a business enabler

While security and compliance are evident business drivers to implementing an identity fabric, it should also function as a business accelerator. For instance, at Broadcom, it enables us to promote adoption of our solutions more seamlessly. People need the ability to access the right data at the appropriate time. It's astonishing how many companies overlook some of the basics, like, 'Can I see what orders are associated with my name or company?'  Understanding departmental segmentation and comprehending who made purchases, for what reasons, and from where, are fundamental aspects of effective business management. As we've acquired more companies, it's been surprising to realize how many lack a comprehensive good view of customer interactions from a business perspective. 

Identity fabric goes beyond identifying someone's email address or their identity. It must offer unified access and entitlement across the diverse layers of Broadcom. With Broadcom expanding its product portfolio to include software, the user count has grown exponentially. Presently, Broadcom encompasses 22 business divisions, each engaging differently with various customers, distributors, resellers, and partners. It's essential for us to have a clear understanding of who these individuals are and the access rights they are entitled to. 

Typically, the most significant challenge for companies is their considerable compartmentalization. They might have ten different teams, each relying on five different sources of truth that need to communicate with one another. At Broadcom, we firmly believe that establishing a single source of truth serves as the foundational cornerstone for our company’s identity fabric. This not only streamlines communication between front-end systems, visible to customers, and the back-end systems, where most data is processed, but also facilitates scalability. Achieving a single source of truth is a formidable task for most companies. Simplification requires dedicated effort, but, if executed correctly, it can lead to a more scalable solution.  At Broadcom, we have a centralized team that oversees identity management across products, infrastructure, applications, and security.

Building blocks for a modern identity fabric

When constructing your own modern identity fabric, consider the following:

• Secure a key executive sponsorship:  Having a key executive sponsor is crucial for the successful implementation and maintenance of an identity fabric, as challenges may arise.  At Broadcom, our CEO, Hock Tan serves as our executive sponsor. He supports us in implementing change and, if needed, provides the necessary air cover to drive improvements in security and cost efficiency. This sponsorship enables us at Broadcom to drive change more effectively than many other companies.

• Identify the problem: What problem are you aiming to address with an identity fabric? Is it related to application implementation or infrastructure? What specific area are you targeting?  Since an identity fabric can tackle various issues, it's essential to pinpoint the problem you intend to solve and define your criteria for success. At Broadcom, success is defined as reaching a point where each subsequent project becomes easier than the previous one. We’ve established a foundation that allows for scalability. Can we further expedite expansion and enhance agility as we move forward? Given that we won't receive additional funding or personnel, how can we accelerate development?

• Enable compliance: From the European Union to Asia Pacific, identity is a highly significant topic. To meet the requirements of GDPR and other international regulations, must determine where it's permissible to collect information. Equally important is the ability to erase individual's data, not only within a single system but across the entire environment. It's essential to establish a robust auditable environment and ensure compliance with existing and forthcoming regulations.

• Build flexibility into your security posture: From a security standpoint, it’s vital to implement current security protocols and standards. However, as security profiles shift and develop, your approach must adapt accordingly. An identity fabric serves as a way to “future-proof” our organization, allowing us to establish a baseline and an architecture that will facilitate compliance with future security demands and safeguard the assets within Broadcom.

Today’s modern applications and environments have expanded to the point where gaps have emerged. An identity fabric addresses these gaps, offering a unified, secure end-to-end perspective for both the enterprise and the customer. In upcoming articles, we will delve deeper into the technologies that form the foundation of an enterprise identity fabric framework. 

To learn more about Broadcom and how we are connecting everything, visit us here.