Make the cost of pilfering your asset higher than its value, plus other identity management news

* Red Hat’s FreeIPA; EU looks to personalization services for mobile users

I learned from Trusted Network Technology’s PR guy George Robertson that, “With data costing companies $140 per lost record (Ponemon Institute) and selling well on the black market, business’ data could actually be worth more than its finances – though it typically has far fewer controls.” Interestingly enough, in a conversation I had last week with Securent’s Howard Ting, we discussed the old truism that you should make the cost of pilfering an asset higher than the value of the asset while concomitantly keeping the cost of protecting that asset below the cost of replacing it. If each record costs $140 to replace (or, rather, “make whole” including the costs of monitoring people’s credit ratings, etc.), and if an average data breach exposes 10,000 records (probably on the low side) then spending $1 million to protect those assets is actually a very good investment. Think of that the next time the entitlements management salesman gives you a presentation.

I learned from Trusted Network Technology’s PR guy George Robertson that, “With data costing companies $140 per lost record (Ponemon Institute) and selling well on the black market, business’ data could actually be worth more than its finances – though it typically has far fewer controls.” Interestingly enough, in a conversation I had last week with Securent’s Howard Ting, we discussed the old truism that you should make the cost of pilfering an asset higher than its value while concomitantly keeping the cost of protecting that asset below the cost of replacing it. If each record costs $140 to replace (or, rather, “make whole” including the costs of monitoring people’s credit ratings, etc.), and if an average data breach exposes 10,000 records (probably on the low side) then spending $1 million to protect those assets is actually a very good investment. Think of that the next time the entitlements management salesman gives you a presentation.

Red Hat’s Pete Rowley drew my attention to a newish open source project called FreeIPA. IPA stands for Identity, Policy, Audit. According to the Web site: “Because of its vital importance and the way it is interrelated, we think identity, policy, and audit information should be open, interoperable, and manageable. Our focus is on making identity, policy, and audit easy to centrally manage for the Linux and Unix worlds. Of course, we will need to interoperate well with Windows and much more.”

The goal of the first release, due in the fall, is to combine all in one package the following:

* Linux distributions (Fedora/Red Hat Enterprise Linux/CentOS)

* Fedora Directory Server

* FreeRADIUS

* MIT Kerberos

* Samba

* Tools for installation

* Administrative tools (Web and command-line)

Contributions of time and effort are welcome.

Finally, another project I’ve just become aware of, even as it moves into phase 2, is DAIDALOS - Designing Advanced network Interfaces for the Delivery and Administration of Location independent, Optimised personal Services. It’s an EU Framework Programme 6 Integrated Project designed to facilitate the user experience for mobile telecommunications users. In other words, it hopes to provide personalized, location-dependent services for people with cell phones. Since both personalization (attributes) and location (context) are important to an identity transaction, it’s probably good for identity-based organizations to get involved and not leave the entire definition of the system to the European telcos. Give it a look.

Editor's Note: Starting Aug. 13, this newsletter will be renamed "Security: Identity Management" to better reflect the focus of the newsletter. We thank you for reading Network World newsletters!

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.
Take IDG’s 2020 IT Salary Survey: You’ll provide important data and have a chance to win $500.