BMC aligns business service management with IT governance framework

* BMC’s BSM looks at the larger identity management picture

Today, we’re still on the topic of compliance management, and I want to highlight two more companies in this space, although both do a whole lot more than “simply” manage compliance.

The Ponemon Institute survey I referenced in the last issue mentioned cost and the inability to automate processes as two major sticking points when looking at compliance management implementations. Today’s two subjects, Apere and BMC, are taking very different approaches to overcoming these difficulties and both are worth looking into.

BMC, which has a number of identity and access management (IAM) products, wants you to look at the larger picture – what it calls Business Services Management (BSM). BMC contends that by getting a better handle on BSM you can both reduce costs and improve productivity of your regulatory compliance issues. I spoke last week with the company’s CIO, Greg Valdez, along with Matthew Selheimer, director of strategic marketing, and Doug Hanson, lead solution manager, compliance, about some announcements BMC was making.

The most important announcement wasn’t really a product release, but an alignment of BSM with COBIT, the IT governance framework published by ISACA (Information Systems Audit and Control Association). COBIT (Control Objectives for Information and related Technology) is both a governance framework and a “best practices” guide for IT departments (see here for all the details). By aligning BSM with COBIT, BMC hopes to increase automation of IT tasks – specifically IAM, change management and configuration management – leading to increased productivity and reduced costs. As a side benefit, reducing the need for “one-off” or “ad-hoc” compliance practices should also go a long way towards improving security and IT uptime. It’s worth your time to take a look.

Apere is taking a different approach. Jared Hufferd, Apere’s vice president of business development, and Sri Tirumala, the company’s CTO, spent some time with me last week explaining Apere’s new RapidConnector Framework (RCF). Apere says the product both lowers the cost of rolling out provisioning and identity management projects as well as shortening the time needed for the roll out – all of which goes a long way towards improving your compliance bottom line. Hufferd swore that a mid-sized company could implement an identity management solution in just a short couple of weeks instead of the current many months (he said 18 months) that he claimed as the industry average.

This is all made possible by the new framework (and the associated RapidConnector Appliance) as well as Apere’s distribution system – generally, sales and implementation are done through Apere’s network of Value Added Resellers (VAR). By deploying the RCF to the VARs, Apere simultaneously creates hundreds more points of construction for the connectors (those drivers that allow your provisioning join engine to read and write to data stores, applications and services) while also lowering the cost of any single connector because of the easy-to-use framework. Or, as Apere’s Tirumala puts it more formally: RCF “…eliminates the time and expertise required to support heterogeneous systems and custom applications, as well as the costs typically associated with using an API or software intervention to manage the identities for these applications.” Makes sense to me.

There’s a lot more to the story, so check here for the details.

Copyright © 2007 IDG Communications, Inc.

The 10 most powerful companies in enterprise networking 2022