Whether it be traffic flow, water flow or the flow of commerce, there exist points within these flows where control mechanisms are applied. These control points might be simple - like traffic lights - or complex - like power distribution for a large building. Without these control points, the efficient, safe, and uninterrupted flow of any system would be impossible.

Where the controls become impediments, because they cannot handle fundamental changes in the flow, efficiencies are lost. A traffic light that coped fine with light traffic creates a bottleneck when a huge amount of rush hour traffic comes through, because it cannot dynamically adapt. Fixing this - changing the type or function of a control point to meet the new demands - can be long, complicated, and costly.

IT requires control points that can adapt dynamically and secure applications as they are delivered. This is especially true for global infrastructures that span the cloud and the data centre, and users are driving change too: the mobile workforce is expected to increase from 919 million in 2008 to 1.2 billion in 2013—representing 34.9 percent of the worldwide workforce.[1] They are dispersed all over the globe, and they use a variety of devices to get to corporate resources. The applications and the users are on the move.

So if apps and users are on the move, and if IT's job is to ensure the right users can access the right apps, then there is a need for a centralised policy control point, or this particular flow will break down.

This policy won't be fit for purpose if it just consists of knowing who is accessing data and applications. The device type, the type of network, the resource being requested: all of these are essential to know. The most optimal location that can deliver the requested content is also a component.

To identify all these things, the endpoint is the key; an initial endpoint inspection can determine the location of the user, the type of network and device, and other contextual metadata.

It can also be difficult for IT to control endpoint security. Inspection of the endpoint means IT can determine how much access to grant a user based on corporate access policy criteria.

Finally, controlling and managing access to resources must be based on identity. Unauthorised access is a huge concern for companies, not only because of the potential loss of confidential company data, but because of the regulatory compliance risks.

So, an ideal strategic point of control in the context of connecting mobile users to mobile apps should provide identity, authentication, and access control. In order to be adaptable, it should centralise web single sign-on and access control services and include an easy way to create custom policy-based access control rules.

This gives administrators complete control over which resources get delivered to which user and enables them to control access based on device and identity—even down to a specific folder path within a web application.

This is the essence of unified access control, fulfilling the goal of connecting any user from any device from any location to wherever the application lives. Unified access control is about securing and optimising the delivery of applications globally to the remote user by connecting them with the least amount of latency and as close to the application as possible.


[1] IDC Report, “Market Analysis: Worldwide Mobile Worker Population 2009–2013 Forecast”. December 2009, IDC #221309, Volume 1.