- Nokia's new N97 vs. the iPhone
- 10 Microsoft research projects
- Hard to get justice in MySpace case
- Smartphone smackdown: Storm vs. iPhone
- Apple removes antivirus support page
 |
For John Jackson, director of software technology for General Motors, the question isn't whether to build an infrastructure
for digital identity, but how to ensure that he has a firm foundation from which to start. As 2006 unfolds, many of Jackson's
peers find themselves in a similar position. Across corporate America, identity management is running up the IT priority chart
and into the New Data Center (NDC) security infrastructure.
Jackson can't afford to make mistakes - nor can anyone else. Security, privacy and federal compliance issues are among the critical initiatives Detroit-based GM and others will tackle on the back of identity-management tools such as strong authentication, single sign-on (SSO), provisioning, password management, federation, auditing and tracking. In November 2005, Ponemon Institute, a research firm focused on information and privacy management, found the financial impact of data breaches ranged from nearly $500,000 to as high as $52 million for 14 companies studied.
"Ten years ago, the prevailing assumption was that if you were on the GM network, then you were a GM employee," says Jackson, who is on the board of the Liberty Alliance, a consortium developing protocols for sharing identities.
"Today, we have dealers and suppliers [on the network] that are not a part of GM. Add the fact that we are completely outsourced, and it becomes critical to track who you are and what rights you have so we can make sure that people only get to the information they are allowed to get to. Identity is the foundation for everything we do," he adds.
So important is this that GM has a 12-person identity group within the security team. The group continues to consolidate internal directories while expanding its identity federation deployment and building out virtual directories and SSO capabilities.
Users and analysts agree that identity is seeping into corporate infrastructure.
"In five years, what we talk about today as identity and access management will just be another part of the infrastructure, and it won't be sold separately. It will be part of your security foundation," says Sally Hudson, a security research manager at IDC.
Rss FeedRss Feed
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 The Leader in Network Knowledge© 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.
Download the white paper.
Applications: taking back control
Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.
Learn more today.
Comment