- FBI warns Hit Man e-mail scammer back
- 20 tech habits to improve your life
- Industry mourns slain Cisco exec
- 10 Firefox add-ons for better browsing
- Wireless LANs face scaling challenges
Newsletters | Podcasts | Chats | Opinions | RSS Feeds | This Week In Print | IT Careers | Community | Reports | Downloads | Slideshows | New Data Center
Partner Sites:App Performance | On Demand Security | Networking Solution | SOA | Value of WDS
Dave Kearns provides the information you need to evaluate, install and maintain your corporate identity management system.
Last year was all about getting regulatory compliance into place so that your business could survive a compliance audit. This year, it’s about reducing the cost of compliance and/or increasing the productivity of your people involved in compliance issues.
As I mentioned last month, Compliance Management (which will be called different things by different vendors as they try to capture the most resonant potential buzz phrase) is the category that will be used to reduce cost and improve performance in this area.
<aside> I mentioned that I thought there were two companies in this niche – Aveksa and SailPoint – but my Network World colleague Jim Kobielus pointed out to me that it’s part of a larger category “…called Governance Risk and Compliance (GRC) Management. Some of the principal vendors in that space are OpenPages, Mega International, Bwise, CA, and SAP.” I stand corrected, and better informed.</aside>
My friends at SailPoint were on the phone last week to tell me about a recent survey they commissioned. Now I’m always a bit leery of surveys sponsored by vendors, and always insist on seeing the raw questions and data. And I can state unequivocally that this “Survey on Identity Compliance” conducted by the Ponemon Institute is one of the most thorough, vendor-neutral, and professionally conducted IT surveys I’ve ever seen. But don’t take my word for it, head over and get your own copy.
The big news (and there is lots of news) I found in the survey shows up in Table 14, on page 13:
-- What are the primary barriers to automating IAM [identity and access management] compliance in your environment?
* Our IAM data is too fragmented and difficult to automate 54%.
* We haven’t found the right tools to automate IAM compliance 47%.
* Responsibility for IAM compliance is dispersed among many groups 30%.
* Automating IAM compliance is not a priority 18%.
* We lack the expertise to implement automation 17%.
Fragmented data, inappropriate tools, fragmented responsibility, lack of expertise leading to low priority for implementation – a classic recipe for disaster. SailPoint hopes you’ll see that its ComplianceIQ product will help you overcome some of these problems by making it easier to identify compliance issues and solutions.
Rss FeedRss Feed
Aging network systems and old habits have dictated how businesses spend their IT budgets. As a...
Implementing HA at the Enterprise Data Center Edge to Connect to a Large Number of Branch OfficesThis paper reviews the problem of creating a network where the dynamic availability of services is...
Enterprise Data Center Network Reference ArchitectureUsing a High Performance Network Backbone to Meet the Requirements of the Modern Enterprise Data...
The standard for Power over Ethernet (PoE), IEEE Std. 802.3af(tm)-2003, advanced networking,...
Harnessing the power of communications to increase workplace performanceDue to the convergence of IT and telecommunications technologies, the business workplace has been...
Stay out of the headlines: Detecting and preventing network intrusionsHow do YOU stay out of the headlines? There is no denying that risk exists in our computer-driven...
We have so many holes punched in our firewalls today that many industry insiders question the value...
IP address management in 2008 - six things to knowRead this Network World Special Brief to learn how Enterprise IT managers must update their...
The self-managed networkWe aren't there yet, but advances in network and systems management tools are making it possible to...
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 |
Copyright © 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask to prospective vendors to get the right endpoint solution.
Download the white paper.
Unauthorized applications: Taking back control
Employees installing and using unauthorized applications like IM, VoIP, games and peer-to-peer file-sharing applications cause many businesses serious concern. How do you control these applications?
Download the white paper.
Comments (2)
IAMBy Dave Kearns on March 12, 2007, 11:31 amDear anonymous: I didn't mention SUN Novell, Oracle or Microsoft, either. Why? Because I wasn't talking about overall IdM/IAM, but about the fairly narrow area...
Reply | Read entire comment
How could you leave IBM off a list of identity management leaders?By Anonymous on March 12, 2007, 9:09 amIBM according to Gartner and IDC is one of the leaders in the Identity Management and Access Management space with their Tivoli Identity Management and Tivoli Access...
Reply | Read entire comment
View all comments