Identity And Access Management In The Virtual World

In the physical world, it’s quite easy and simple to separate your work identity from your personnal identity.  Work is at the office – and for some, work stays in the office.  Your personal life and family are in your home.  Similarly, access rules apply within the same structure – you have access to work-related  information in the office (even though we know that’s extended to your PDA these days) and you spend quality time with family members around the home.  It’s simple, black and white.  As we spend more time online these days (and virtual), our worlds begin to merge and what was once black and white becomes gray.

There’s no better example of this merging world than the desktop or notebook you use for work.  Let’s list out the applications you run during the work day, segmented by business vs. personal:


  1. Email client
  2. Instant messaging (IM) client
  3. Browser tabs: Intranet, corporate reporting system, CRM system, ERP system, etc.


  1. Email client (e.g. Yahoo Mail, Gmail, etc.)
  2. Instant messaging (IM) client [possibly the same client you use for business purposes]
  3. Browser tabs: Facebook, Twitter, eBay, NCAA picks, etc.

Now, let’s say I’m doing a desktop sharing session  – I’m running through a demo of a virtual event and I’ve forgotten to sign out of my personal IM client.  My mother, not knowing that I’m sharing my desktop, decides to send me an instant message.  What happens is that my audience of ten gets to see a reminder from Mom to call Uncle Jasper to wish him a Happy Birthday.  A bit embarassing, but all too possible when access to your business and personal profiles are enabled by a common resource (your PC).

To provide for a separation, one solution is to utilize virtualization – run one virtual machine (VM) with all of your business applications and a different VM with all of your personal applications.  The hassle here is the need to toggle between the two – but hey, perhaps you get more work done.

Now, let’s extend things a bit – as the business use of social media and virtual worlds grows, I think the same need for separation (e.g. identity and access management) applies.  For instance, many tell me that Facebook is strictly for friends and family, while Linkedin and Twitter are used strictly for business associates.  So users are using a manual configuration to separate their social network identities (and access to those identities).

But perhaps there’s a cleaner way – something I think of as identity virtualization.  Similar in concept to virtual machines, users of social networking and virtual worlds should be able to have a base profile (information that’s globally available and applies to all identities), along with specific identities suited for a defined purpose (e.g. business, personal, etc.).  Perhaps your virtual worlds identity (for business) uses your real name, whereas your virtual worlds identity (for personal) uses a fictional name (a la Second Life).

For this to work across your social network sites, they’d all need to work together against a common standard (for profiles).  In the meantime, this concept is precisely what Facebook was thinking, when they rolled out recent changes to help users better segment updates across their Facebook friends.  So while I certainly don’t have all the answers, my simple thought is that, as use of social networks and virtual worlds grows, the identity and access management issue will become more and more important.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: