- How to make new stuff from your piles of obsolete tech
- Why your computer sucks
- 10 recession-proof IT skills
- Juniper execs share network vision
- 9-year-old plots his fifth Microsoft certification
Driven by network security concerns, regulatory legislation and cost savings, identity management is climbing the corporate importance meter.
The trend is seen in end-user projects, in consolidation of vendors and product categories, and the appearance of broad suites of identity management software from Computer Associates, IBM, Microsoft, Novell, RSA Security, Sun and others.
"The question is, What kinds of risks will we be taking if we are without identity management?" says Ahmed El-Haggan, CIO and professor of computer science at Coppin State University in Baltimore. "We are adding a lot of access that we didn't offer before so the question becomes, Can we live without identity management in the future?"
El-Haggan's answer is "no," and he has started to address the issue by rolling out IdentityMinder eProvision from Netegrity, which lets 4,000 students and eventually 4,000 staff and alumni create and manage their own identities for e-mail accounts and network access. "We call it on-demand access," El-Haggan says.
"No" is also the answer from many end users who say legislation such as the Health Insurance Portability and Accountability Act, Gramm-Leach Bliley and Sarbanes-Oxley, is tipping their hand with requirements for data protection and closely controlled access.
"Compliance is huge right now. It is the silver bullet that identity management was looking for," says Ira Horowitz, director of worldwide marketing for MaxWare, which develops a suite of identity management products.
Burton Group predicts that every organization will be involved in an identity management project within the next two years.
That conclusion points to the fact that corporations no longer can ignore the need to manage a user's identity from creation to deletion, which ensures logging and auditing of who is on the network, and what they are doing, why and when.
Providing all that control, however, leads to a complex identity management infrastructure that includes access management, provisioning, meta-directory, virtual directory, password management, single sign-on and directory technology.
That complexity is driving three major trends in the market - development of product suites, vendor consolidation and merging of product categories.
Recently Netegrity and Sun snapped up provisioning vendors Business Layers and Waveset, respectively. In the past 18 months, HP bought identity vendor TruLogica and access management software from Baltimore Technologies, and IBM acquired provisioning vendor Access 360 and meta-directory start-up MetaMerge.
Conversely, vendors also are merging product categories to make their offerings seem less ominous. Provisioning, meta-directory and password synchronization are consolidating into user management software. Web access management, self-service/delegated administration and audit technology are converging into authorization products.
Last week, Sun consolidated its product line from eight separate offerings to three. Microsoft has only three foundation products in its lineup anchored by Active Directory and relies on third-party software to add layers of control.
Rss FeedRss Feed
The Leader in Network Knowledge
Comment