- Microsoft Windows chief decries standards grandstanding
- The 5 best, and 5 worst, features of Google Chrome OS
- Federal government using PS3 to crack pedophile passwords
- 10G Ethernet cheat sheet
- Top 10 free Windows tools for IT pros, at a glance
 |
For John Jackson, director of software technology for General Motors, the question isn't whether to build an infrastructure
for digital identity, but how to ensure that he has a firm foundation from which to start. As 2006 unfolds, many of Jackson's
peers find themselves in a similar position. Across corporate America, identity management is running up the IT priority chart
and into the New Data Center (NDC) security infrastructure.
Jackson can't afford to make mistakes - nor can anyone else. Security, privacy and federal compliance issues are among the critical initiatives Detroit-based GM and others will tackle on the back of identity-management tools such as strong authentication, single sign-on (SSO), provisioning, password management, federation, auditing and tracking. In November 2005, Ponemon Institute, a research firm focused on information and privacy management, found the financial impact of data breaches ranged from nearly $500,000 to as high as $52 million for 14 companies studied.
"Ten years ago, the prevailing assumption was that if you were on the GM network, then you were a GM employee," says Jackson, who is on the board of the Liberty Alliance, a consortium developing protocols for sharing identities.
"Today, we have dealers and suppliers [on the network] that are not a part of GM. Add the fact that we are completely outsourced, and it becomes critical to track who you are and what rights you have so we can make sure that people only get to the information they are allowed to get to. Identity is the foundation for everything we do," he adds.
So important is this that GM has a 12-person identity group within the security team. The group continues to consolidate internal directories while expanding its identity federation deployment and building out virtual directories and SSO capabilities.
Users and analysts agree that identity is seeping into corporate infrastructure.
"In five years, what we talk about today as identity and access management will just be another part of the infrastructure, and it won't be sold separately. It will be part of your security foundation," says Sally Hudson, a security research manager at IDC.
Rss FeedRss Feed
The Leader in Network Knowledge
Comment