I've given you my predictions for what 2008 has in store for identity management, but there are a number of people in this business who want to stick their necks out, also. So let's travel around and visit with the people who think they can see (at least a little bit) into the future. Our first stop will be in Boston, where a couple of guys who are either giddy about the Patriots' prospects or blinded by the inordinate amount of snow, ventured into prognostication.

First up is Courion’s Chris Sullivan. He’s VP of “Customer Solutions,” whatever the heck that means. But he was fearless in his prediction: “2008 will be a great year for IAM [identity and access management].” Sullivan is hoping, in fact, that the seers are right when they predict a banner year for GRC (governance, risk and compliance) because, as he put it: “You cannot exercise authority over (govern) anarchy. It follows then that.... (wait for it)… GRC initiatives will formalize and align more IAM initiatives.”

Fellow New Englander and Aveksa marketing VP Brian Cleary (I mentioned one of his predictions last week) also cited governance in his second prediction: “Another thing that I think we will begin to see in 2008 is the importance of risk management in access management. With the number of data breaches, audit failures and compliance violations we've seen, access governance can be used to map and proactively manage potential risks (legal, revenue, expense, reputation, etc.) to the business that can be realized by inappropriate access and human error.”

Risk management, which I lump under context-based access control (CBAC), will become very important in 2008. So important that we’re putting together a full track on “context” at the European Identity Conference in April. I’ll also be talking a lot about it in this newsletter in the coming year. At least that’s one prediction I can make come true!

Courion’s Sullivan also wanted to share a couple of new white papers (which I’m sure he contributed to):

* User Provisioning – The Courion Perspective: User provisioning is the core component of a successful identity management program. Organizations need to control who has access to enterprise resources, what level of access individuals have and who is authorized to grant access. This white paper details best practices for developing a user provisioning and access management strategy, key considerations when selecting an automated provisioning solution, and Courion’s results-oriented approach to automated user provisioning.

Dave Kearns is a consultant and editor of IdM, the Journal of Identity Management.