The \u201cBring Your Own Identity\u201d (BYOID) trend in which websites let users authenticate using identities established through Facebook, LinkedIn, Google, Amazon, Microsoft Live, Yahoo or other means raises some questions in the minds of IT and business managers. And a survey conducted by Ponemon Institute shows a vast difference in how the IT and business sides think about this so-called BYOID method of authentication.Ponemon asked 1,589 IT and security practitioners and 1,526 business staff personnel, many of them in managerial roles, about what they thought about BYOID and whether it could be used to simplify online authentication for everyone from employees to contractors to retirees to website customers or mobile customers. Both the IT and business sides said they considered BYOID as a way to simplify interactions with customers on the web and mobile devices. Both sides saw it as a way to make registration of new customers easier for them and the organization, plus possible cost reduction related to forgotten passwords and other sign-in problems. But beyond that, the IT and business personnel had differing perspectives about BYOID.+More on Network World: The Worst Security SNAFUs this year (so far!)+Three-quarters of the business staff answering the survey saw BYOID mainly as a way to either \u201creduce friction in the user experience\u201d or \u201csimply engagement for users\u201d as a form of \u201cidentity validation.\u201d Over half of the business managers thought BYOID would increase revenues for the organization, with many envisioning \u201ctargeted marketing.\u201d Less than 15% on the IT side shared this view.According to the Ponemon survey, 67% of the IT and security respondents saw BYOID as a way to strengthen the authentication process and 55% said it could be a way to improve risk evaluation and decrease fraud. Only about 15% of business people felt that way. IT and security personnel thought more important that the \u201cidentity provider\u201d in any BYOID arrangement have some sort of \u201cformal accreditation.\u201dRespondents on the IT side ranked PayPal, Google and Amazon as the top three preferred identity providers to their organization. Yahoo was ranked of least interest. The business staff ranked Amazon, Microsoft Live and PayPal as the top three identity providers for their employers, with Facebook ranked the least.When it comes to perceived barriers to BYOID deployment, IT and security personnel were far more concerned about risk and liability concerns and \u201closs of control\u201d than the business staff. Business staff worried more about \u201ccost.\u201d\u201cOrganizations that accept third-party identities also worry about instances where an identity is compromised and non-legitimate access is granted to applications or customer data,\u201d the Ponemon survey points out.Not surprisingly, IT and security personnel regard BYOID in a far more technical light, with 57% saying they would feel more favorably about BYOID adoption if the identity provider would implement \u201cfraud risk engines\u201d while 66% said they wanted \u201cmulti-factor authentication.\u201d These were of interest to only about a third of the business staff. For mobile devices, four-digit PINs and one-time tokens were more important to IT personnel, while \u201cgeo-location\u201d tracking was important to more than half of the business staff.Both the IT and business sides, though, did want identity providers to give them information related to security issues such as \u201chistory of password re-sets,\u201d if the account had been abused, the history of identity takeovers, how long the user account had been established and whether it had ever been suspended. IT personnel also want to have a phone number tied to the account.The Ponemon survey concluded with the recommendation that the IT and business sides should have a \u201ccollaborative discussion\u201d around BYOID in terms of how it might fit into any planned projects.\u201cThis exercise could include basic simulation\/modeling of a new online initiative with BYOID and without BYOID,\u201d the Ponemon report said. \u201cThis will help address key questions: Will supporting BYOID increase new customer acquisition? Are the costs of continuing to require users to create and maintain their own accounts more than the incremental value that is generated by BYOID?\u201d But before any use of BYOID, a thorough risk analysis should be done by a corporate team that includes legal and business expertise to understand any liability issues.