|
This year's Catalyst Conference, very Oprah, very Cosmo
07/02/08
Last week's Burton Group Catalyst Conference might have been subtitled "The Oprah Year" ("Get Health, Beauty, Recipes, Money,
Decorating and Relationship Advice on Oprah.com") because the buzz was all about relationships. Burton Vice President and
Research Director Bob Blakley even illustrated his presentation with what could have been pictures clipped from Cosmo.
Catalyst keynote speaker: 'We need to think differently'
06/30/08
Last week was the annual Burton Group Catalyst Conference and, like last year, the announcements came fast and furious. There
were new products, new companies and even a new organization. It's going to take a few newsletters to cover them all, so I
better get started. First, though, I want to capture the overall theme and tone of the conference.
Re-using employee ID numbers, or not
06/25/08
Sometimes a clarification succeeds only in further muddying the waters. That's what I did last week, not for the first time
either. Probably won't be the last, though. It's concerning that issue of re-using identifiers and re-using employee ID numbers.
At the risk of further muddying things, let's take a final look (for now) at the issues.
Provisioning/de-provisioning in the education sector
06/23/08
Provisioning/de-provisioning in the education sector.
Identity Bus discussion focuses on re-hires
06/18/08
Last week's newsletter about the Identity Bus raised a number of issues in the Network World forums, some of which I addressed
last newsletter. But there was another issue raised that deserves its own discussion.
Identity Bus topic sparks community discussion
06/16/08
Last week's newsletter re-visiting the Identity Bus contrasting virtual data storage with persistent data storage brought
forth a number of comments on the Network World Web site, which I’d like to address today.
Dealing with orphan accounts and de-provisioning
06/11/08
I want to add just a bit more on orphan accounts and de-provisioning before we move on to the next round of conferences (Burton's
Catalyst in two weeks, then next month's inaugural SSO Summit get together).
Re-visiting the Identity Bus/Hub issue
06/09/08
Today I want to re-visit the Identity Bus/Hub issue, which is also caught up with the choice between completely virtual directories
and persistent storage metadirectories.
Time to investigate orphaned accounts
06/04/08
De-provisioning is the act of removing access for a user's account while not necessarily removing the account (which most
likely will still be needed for a while for compliance auditing and other reasons). Almost all current provisioning software
includes modules to de-provision accounts, but that hasn't always been the case. As I noted in an article about the first
identity provisioning application, back in 1999, de-provisioning was in the road map for the second release. By now I'd expected
that a) just about everyone would have installed provisioning software; and b) most of those would include de-provisioning
as a feature. I was wrong.
What's hot and what's not for role management
06/02/08
Roles are not necessary for governance, risk, compliance and entitlement (GRCE) management, just as roads aren't necessary
in order to drive cars. And just as it would be foolish to consider driving from, say, San Francisco to New York without using
roads so too would it be foolish to consider implementing GRCE management without roles. I was reminded of this when a press
release crossed my desk a couple of weeks ago.
Access Agents solve digital identity problems
05/28/08
In all the discussion of IBM's recent purchase of Encentuate, I seem to have concentrated on its effect on IBM/Tivoli customers
as well as on Passlogix, previous supplier of single sign-on technology for those customers. I've said very little about Encentuate,
though. Not that I'm going to do so today. (Although it does appear to be a good deal for that company) Instead, I want to
look at something that Peng Ong, the founder of Encentuate, said recently.
Interoperability appears to be the 'new religion' in identity
05/26/08
There were a couple of recent announcements that should be brought to your attention, one to "close the circle" on something
while the other leaves the circle open and ambiguous.
What does an Identity Hub look like?
05/21/08
A question I've been getting lately is "what does an Identity Hub look like?" As regular readers will know, the Identity Hub/Identity
Bus is a topic we've talked a lot about recently (click here if you're not familiar with the topic). So far, though, there's
nothing even close "in the field." There are a couple of things, both still theoretical at this point, that encompass some
of the functionality, though. One I've mentioned before and one I should have.
Venues for enterprise identity practitioners
05/19/08
Last week's Internet Identity Workshop (IIW) was, as always, the hotbed of user-centric identity, privacy protection, open
source identity and social networking data exchange. As the meeting's charter reads: "The heart of the workshop is a practical
idealism in working towards the shared vision of a decentralized, user-oriented identity layer for the Internet." And, afterall,
this is where the OpenID Foundation was born. So I was intrigued to see a session called "Enterprise Identity Roadmap for
enterprise identity architects: a discussion."
The Identity Bus vs. the virtual directory
05/14/08
An anonymous reader posted to the Network World forum asking about the Identity Bus: "Using LDAP as the name or protocol for
the Identity Bus makes it sound like a virtual directory to me. What would be the difference? How would an Identity Bus be
different than a virtual directory?" A perfectly good question, which shows the interest in the concept, but also the need
to explain it all just a bit better.
Why does identity data need its own special bus?
05/12/08
In the last two issues I talked about the "Identity Bus" and the discussion that Kuppinger-Cole's Felix Gaehtgens led at the
recent European Identity Conference. Now, in response to popular demand (Felix's boss wanted to see what he was up to), the
entire interview (in five parts) has been posted online - complete and unedited, a raw look at some familiar talking heads
in an informal environment. It runs almost 40 minutes, so get some coffee and give it a look. I'll be talking more about some
of these same characters after this week's Internet Identity Workshop.
Building an Identity Bus, Part 2
05/07/08
Last time out I told you about an informal discussion I had with Microsoft's Kim Cameron, Novell's Dale Olds, Quest's Jackson
Shaw hosted by Kuppinger-Cole's Felix Gaehtgens all about the so-called "Identity Bus." I said that we reached a conclusion
about the best way to move forward, but perhaps it's better to say we identified a couple of paths that might be worth taking.
Building an Identity Bus, Part 1
05/05/08
One of the most interesting "panel discussions" I had at the European Identity Conference didn't have anyone in the audience.
Kuppinger & Cole senior analyst Felix Gaehtgens gathered Microsoft's Kim Cameron, Quest's Jackson Shaw (former colleagues
at Zoomit) and Novell's Dale Olds for a video interview (which may or may not show up at the KCP Web site) about the "Identity
Bus."
Putting Context in Identity
04/30/08
I had a wonderful time at last week's 2nd annual European Identity Conference in Munich. Martin Kuppinger and his crew at
Kuppinger Cole + Partner for putting on an excellent conference, one which I highly recommend you add to your calendar for
next year. I'd also like to thank the great guys who put themselves in harm's way (well, harm to their reputations) by participating
in the three hour long panel sessions I moderated on the general topic of "Putting Context in Identity."
Tracking regulatory changes without the eye-strain
04/28/08
Governance and compliance are some of the least glamorous and most arduous parts of the identity management field. It's thankless
work with little reward. Especially hard is the seemingly simple job of deciding which regulations apply to your enterprise,
and what new things you need to implement as new regulations are promulgated and old ones are revised. And, of course, no
one is subject to only one set of regulations, are they? What can you do about gaps and overlaps - and how can you find them?
That's a lot of lemons, so it's not surprising that someone is making lemonade out of it.
OpenPages takes on the least glamorous parts of identity managment
04/23/08
Last issue I promised a look at a veteran company in the governance, risk and compliance sector that I'd been planning a closer
look at for over a year. And today we're actually going to take a look at OpenPages, a company that's been around since 1996
and yet still might be considered an "overnight success."
Context in identity
04/21/08
Today I want to talk about a company I mentioned a year ago, with all intentions of telling you more about them. But even
as I try to get them into today's newsletter, there's a timely issue to tell you about first, especially if you're in Munich
this week for the 2nd annual European Identity Conference.
Hitachi to take Larry Ellison approach to identity management - buy, buy, buy
04/16/08
My phone rang at 8:30 a.m. one day last week, which isn't that strange an occurrence. East coast PR people sometimes seem
to think that, since Network World publishes my stuff I must live in Massachusetts. But this call was from someone in the
Mountain Time zone who happened to be in California that day. It was Idan Shoham, M-Tech Technology's CTO, and he wanted to
make sure I was OK since I wasn't on the list for his press conference that morning. The event would be "interesting" was
all that he would say about it. And it sure was. The conference was to announce that Hitachi had bought a majority interest
in M-Tech which will henceforth be known as Hitachi-ID. An interesting announcement on many levels.
Oracle centralizes security processes into Service-Oriented Security
04/14/08
Last week I told you about RSA's (that's RSA, The Security Division of EMC, of course) announcements at the RSA 2008 Conference.
Today we'll cover a few more and try to get to the rest in the next issue. Next week we'll begin coverage of the 2nd European
Identity Conference which begins on April 22. But let's start off by looking at what Oracle did, and didn't, announce at RSA.
RSA updates Authentication Manager with business continuity, extended authentication methods
04/09/08
This week is the annual RSA Conference in San Francisco and there are lots of announcements by the participants. We covered
one of the host's announcements last time - RSA's Identity Assurance platform. Today we're taking a closer look at a second
announcement by RSA, Version 7.1 of RSA Authentication Manager, which supports Identity Assurance.
More articles
»
|
[1,407]
