What Kirigami Can Teach Us About Identity

The paper people chain, or Kirigami, has been a staple at our kids’ craft table for years. Originally made as an offering for the gods in 17th century Japan, the art form made its way stateside in the 70s—mainly parents like me sitting with their children at the kitchen table spending time together. I was recently making these paper people chains with my kids when I had an ‘aha’ moment.

With scissors in hand, we folded our paper into an accordion, drew half of a person on the edge, and voila we had our link of people holding hands. Staring at our perfect human paper chain, it dawned on me. The paper chain is the new security perimeter, and what our security efforts need to focus on as the traditional network perimeter disappears.

Today, our workforce is the new entryway into enterprises of all sizes. And, like paper, identities—employees, contractors, and even software bots—are easily broken and exploited. This presents both challenges to overcome and the potential for innovation we can come to bear in this new reality.

Our use of smartphones and the cloud has made it easier to share data, collaborate on projects, and access anything at any time and anywhere. This ultra-connected brave new world speeds up productivity and enables today’s mobile and globally dispersed workforce to work conveniently. This 24/7 access increases the number of paper-thin weak spots prime for roving hackers.

Through tactics like social engineering, phishing emails, and stolen credentials, cybercriminals target people. While identities are an exposure point, they can also be the new frontier for protection. Let’s not tape our human paper chain back together when a breach occurs; we can make sure the tear does not happen in the first place or when it does, shut it down immediately.

Organizations need to rethink identity in this modern age. The nuts and bolts stay the same. We are still ensuring users have the right access to do their jobs—when they need it, no more and no less. But today, the execution must be different. Identity must be the new firewall.

By embracing AI and ML, organizations can start to govern smarter by leveraging all of the identity data (human or otherwise) they have in their IT system to create a self-learning, predictive identity program. Instead of rubberstamping access because identity teams are too busy to dig in to see if the person can and should have access, they can tap into automated technology to do this for them in the blink of an eye and accordance with corporate policy.

With this AI-driven approach, instead of seeing users as a long line of chains that can be easily compromised, this intuitive identity sees these users as a collective group, making access approvals easier and safer than ever. This also frees up a tremendous amount of manhours in the process.

If you have visibility on every single users’ access, you will then be able to quickly shut down access once you spot an anomaly in their activity—stopping hackers and their “verified authentication” in their tracks. This is the only way to secure today’s perimeter in this new frontier of people at the front lines.


Discussion