- FBI warns Hit Man e-mail scammer back
- 20 tech habits to improve your life
- Industry mourns slain Cisco exec
- 10 Firefox add-ons for better browsing
- Wireless LANs face scaling challenges
Newsletters | Podcasts | Chats | Opinions | RSS Feeds | This Week In Print | IT Careers | Community | Reports | Downloads | Slideshows | New Data Center
Partner Sites:App Performance | On Demand Security | Networking Solution | SOA | Value of WDS
Dave Kearns provides the information you need to evaluate, install and maintain your corporate identity management system.
I had the opportunity to sit down with Avatier CEO Nelson Cicchitto last week, always a pleasant task. Pleasant, because Cicchitto is one of the right thinking people among identity management vendors. In other words, he agrees with me! [That's a joke, folks. Please laugh.]
Nelson's mantra is that the promise of identity management is fourfold:
1. Reduced IT cost.
2. Enhanced security.
3. Achieved compliance.
4. Improved efficiency through automation.
He points out that most so-called identity management "solutions" from the biggest players in the software business are often monolithic conglomerations of many disparate products that require extensive manpower, time and infrastructure to implement. His company also offers a fairly all-encompassing identity management software bundle - the Avatier Identity Management Server (AIMS) and its various modules. The difference is that Avatier almost insists on a phased rollout of the various parts of the suite.
Cicchitto claims that by rolling out the easiest pieces first, you can essentially finance later deployments with the ROI and savings from the earlier ones. Now wouldn't your CFO love to hear that!
In fact, the company's stated philosophy is: "Delivering comprehensive identity management is primarily a process, not a product, that relies heavily on unique business driven workflow rules. Successful organizations avoid trying to deploy all aspects of identity management at once, but instead deploy a proven phased and measurable approach from many vendors who only specialize in their product space."
Avatier's architecture of a rollout makes fascinating reading, but it boils down to a 10-phase approach:
* Self-service password reset.
* Password policy enforcement and synchronization.
* User deprovisioning.
* User provisioning and role definition.
* Self-service role matrix and rights management.
* Meta-directory.
* Enterprise reduced sign-on.
* Multifactor strong authentication.
* Web/enterprise access management.
* Federated identity management.
Note, in particular, that user deprovisioning is implemented before provisioning. Your security officer will love that.
There's certainly a lot to like about Avatier's approach to identity management implementation. You should investigate.
Rss FeedRss Feed
Aging network systems and old habits have dictated how businesses spend their IT budgets. As a...
Implementing HA at the Enterprise Data Center Edge to Connect to a Large Number of Branch OfficesThis paper reviews the problem of creating a network where the dynamic availability of services is...
Enterprise Data Center Network Reference ArchitectureUsing a High Performance Network Backbone to Meet the Requirements of the Modern Enterprise Data...
The standard for Power over Ethernet (PoE), IEEE Std. 802.3af(tm)-2003, advanced networking,...
Harnessing the power of communications to increase workplace performanceDue to the convergence of IT and telecommunications technologies, the business workplace has been...
Stay out of the headlines: Detecting and preventing network intrusionsHow do YOU stay out of the headlines? There is no denying that risk exists in our computer-driven...
We have so many holes punched in our firewalls today that many industry insiders question the value...
IP address management in 2008 - six things to knowRead this Network World Special Brief to learn how Enterprise IT managers must update their...
The self-managed networkWe aren't there yet, but advances in network and systems management tools are making it possible to...
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 |
Copyright © 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask to prospective vendors to get the right endpoint solution.
Download the white paper.
Unauthorized applications: Taking back control
Employees installing and using unauthorized applications like IM, VoIP, games and peer-to-peer file-sharing applications cause many businesses serious concern. How do you control these applications?
Download the white paper.
Comment