IT Security Spending Trends

A colleague recently forwarded me an article referencing CompTIA’s 7th annual “Trend in Information Security” survey.  I’ve always been a bit of a skeptic when it comes to some of these surveys, but with the current state of IT spending and how Information Security is impacted, I needed to look into this a bit further.

Being in IT and Information Security now for close to twenty years, it’s safe to say I’ve been through a couple of cycles where IT spending has been impacted based on challenging economic times.

Continuing to keep a pulse reading on the market and IT spending, we’ve had our share of customers responding with the typical “Budgets are on hold” statements and “We’ve just laid off 20% of our IT staff.”  No question IT spending has suffered, but I can attest to CompTIA’s survey on the fact that we’ve experienced IT Security spending sustain itself and even increase in some areas.  Vendors we partner with who are focused on security solutions addressing regulatory requirements and operations efficiencies have had record-setting quarters, particularly Q4 of ’08 and most recently Q1 in ’09.

One of the key areas where we’ve experienced increased activity in IT Security spending has been the on-boarding and off-boarding of employee accounts resulting from either downsizing or mergers and acquisitions.  These are Identity Management specific tasks, and focus and attention in these areas are required to address regulatory requirements, improve operations efficiencies and mitigate any potential security risks.  Organizations have worked diligently addressing these tasks manually, but when companies are now operating with reduced staff, cutting corners to achieve these critical tasks should not be an option.  There are short-term and long-term gains in automating Account Provisioning and Deprovisioning, both in cost savings and operational efficiencies.

Video Intro to Identity Management

Amit Jasuja, VP Product Management at Oracle, breaks down the various segments/technologies that make up what we call Identity Management. A very good top-down breakdown for beginners.

Can't wait to get deeper into these topics and learn more about actual Identity Management offerings? Then check out Identropy's Idm 101 Series.

Remember to comment if you found any of these posts useful or if you have any questions.

Source

Identity Management Project Scoping, Part II

In my last entry on Identity Management Project Scoping, I wrote about putting together a "PUT" chart, and creating Business Process Correlation sets. If you have been following along, at this point you should have a pretty telling matrix of processes, user populations and target systems, along with correlations and priorities.

Here is the next step...

Step 3: Provide a Non-Technical Description of Each Process

This one could be a bit time-consuming, but well worth it. For each Business Process Correlation Set, provide a short non-technical description of the process flow from beginning to end. For a more detailed method of describing the workflow, create a table that follows the template below (a sanitized example from one of our clients):

...

At the end of this exercise, you should have a pretty good handle on what business processes you are looking to automate, the target systems, the user populations, the priorities, and a good grasp of the process as it stands today.

Typically, the total set of data that you have completed will need to be broken down into a phased implementation.  An Identity Management Consulting firm should be able to guide you in the process of translating the results of the scoping exercise above into an Identity Management architecture, help you find a solution that works for your specific requirements, as well as help you put together your very own Identity Management Roadmap (yippee!).  All fun stuff, and good practice when engaging in an Identity Management project.

Identropy's Identity Management Solutions 101 Series

Our goal is to keep you informed and highly educated on identity management solutions, trends and business.

 

  • Identity Management Solutions 101: User Provisioning
  • Identity Management Solutions 101: Password Management
  • Identity Management Solutions 101: Enterprise Single Sign-On
  • Identity Management Solutions 101: IaaS (Integration as a Service)

Stay tuned for more sessions about topics such as Deprovisioning, Cloud Computing, SOA and others.

What I learned from my Dad about Identity…wow he is so wrong!

When I was growing up my dad always told me "People make first judgments on image; have a good one." He suggested that I accurately project the image of the "real me". A person's dress, mannerisms, their speech, their friendliness, and many other items create images that last for a long, long time. That idea of you becomes your identity.

This has become more and more the reality with the inception of social media sites like Myspace and Facebook. Users have inserted so much of themselves into their pages that it goes beyond what our parents taught us about showing people who we are; we have taken it to a level where we have given the world more than enough information to become us. Most high tech occurrences have manifested themselves from the direct theft of the identity in combination with information from someone who knows something about you.

Advancements in online security have kept the numbers quite low, and even though the attacks seem quite rampant, online security analysts have continued to provide levels of security which are unmatched with any other. 43% of all identity theft is due to lost or stolen wallets and checkbooks in comparison to 11% coming from online attacks. More than 10% of victims knew their fraud perpetrator, and there has been a huge decrease in identity theft via mail from the inception of electronic statements. This all sounds like it sides completely towards the benefit of using the internet even more, but please use it responsibly.

Tips:
1. Set your settings on social sites to be viewed by "only friends".
2. Change your passwords every few months.
3. Search for your profile on other social network sites that may have been built without your knowledge.

 

Safe surfing!

Identity Management Project Scoping, Part I

What is the shortest path to effectively determine the parameters of your Identity Management initiative?  This article is for folks that want to put scope to their Identity project, but are not sure where to begin.

This is a two-part series that could help put some scope around your initiative. We're assuming that your business drivers are clear to you, and this exercise works best for folks who have a general idea of what they want, but need to put some details in there...so here goes:

 STEP 1: Complete the PUT Chart

 The first step of the exercise is to complete the PUT Chart. "PUT" is an acronym that stands for Processes, User Populations and Target Systems. Understanding these three components and their inter-relationships is the key to accurately scoping most Identity Management Initiatives. The following format should be utilized:

 

 

Processes are defined as a comprehensive list of all business processes that your organization is seeking to manage under the Identity Management initiative, and should be your first point of context for scoping your project.  User Populations list the unique set of populations that make up and interact with your environment directly.  Target Systems list all applications where identity data is stored and that have a direct relation to your users and their accounts. A good litmus test is to identify target systems for each user population listed in column 2.

 

 STEP 2: ASSIGN CORRELATIONS AND PRIORITIES

 The next step is to draw lines of correlation between the processes, user populations and target systems. For example, if User Attestation is applicable only to Full Time Employees and Vendors, and only for the Lawson Financials system, then the appropriate lines should be drawn between those items in order to denote the relationship.

  • This process should be continued until all listed items in the 3 columns have been correlated. Each continuous line from left to right constitutes a "Business Process Correlation Set".
  • This portion of the exercise will allow you to refine your user population segmentation. If you find it difficult to correlate a specific user population, you may need to rethink their granularity level.
  • At this point, you will have a matrix of relationships that provides context to the business processes you are seeking to manage within the Identity Management initiative.
  • Once completed, assign one of three priority levels (high, medium, low) to each Business Process Correlation Set. These priority levels will be useful when identifying an Identity Management Roadmap.

 (to be continued...)

 

Oracle Has Tough Decisions, Good Options

I promised myself that I wouldn't write about the acquisition of SUN by Oracle, but after reading all of the different blog posts, including Matt Pollicove's IdM Thoughtplace and Jackson Shaw's blogs, amongst others, what I read is that it could take months before this even affects the identity management product. Here's my take on Oracle and where things could end up.

1. The best companies become even greater by the decisions that they make. Kind of reminds me of teams like the Raiders and Lions on NFL Draft Day...they draft pretty high every year but they just can't make those amazing picks turn into anything substantial, and teams like New England give up early picks and just make good decisions. Talk about getting a deal...oops...I mean a steal. For the average person $7.4 Billion sounds like a ton of money, but thinking that Larry Ellison feels he will squeeze $1.5 Billion in profit out of that acquisition this year and $2 Billion out of it next year shows that this was not just a knee-jerk reaction to IBM wanting to make this same purchase.

 

2. 2008 Gartner Magic Quadrant for Provisioning

 

Gartner's 2008 Magic Quadrant showed that SUN and Oracle were tops in the provisioning space. This acquisition would leave Oracle firmly placed at the top with IBM Tivoli.

3. According to the 2008 Gartner Magic Quadrant Report, Oracle had 11.9% of the market share and SUN had 11.8%. The closest competitor, CA, had 14.6% market share, which was also down 6.3% from 2006. Viewing this simplistically, we can say that Oracle now has almost 24% of the Provisioning market.

4. Can the many new advancements in the SUN product such as tying their identity software to Google Apps Premier and Amazon's Cloud platform save them? Actually I feel that Oracle instantly becomes a leader in the cloud computing space. It may take the need to make SUN/Oracle's Cloud Computing Platform less open source and back it up with Oracle's Database versus MySQL to take it to the Enterprise level.

There are many more reasons that this acquisition could make Oracle a winner such as OID/LDAP, JAVA and others.

 

What's your take?


Identity Management Solutions 101: IaaS (Integration as a Service)

You know that something is new when it is listed in Wikipedia but still is not clearly defined.

 

Wikipedia says, “The origin of the terminology "Integration as a Service" is not clearly defined. However "IaaS" is becoming widely used in reference to Software as a Service.”

 

Companies like Bluewolf and Identropy are paving the way towards defining and implementing IaaS.

 

"Integration software has become a commodity," said Lou Fox, CTO of Bluewolf.  "We focus on making sure you are successful with integration by wrapping in monitoring, maintenance, enhancements and consulting into our Integration-as-a-Service offering so that clients can get a complete solution, not just a tool."

 

Ash Motiwala, CTO of Identropy has said, “Identity Management lends itself perfectly for Integration as a Service since the true goal of bringing these products in to any environment is reducing costs. The next way to continue reducing those operating costs is by providing support on those integrated systems.”

 

In my opinion, technology has progressed from the normal implementations, to the much lesser known Identity as a Service (which was popular about a year ago but really never caught on because it is what all implementers were already doing) to Integration as a Service (which provides the greatest value and return on investment for an organization).

 

So if I were to define IaaS, I would define it as a solution that combines consulting services and implementation of identity solutions coupled with a proactively managed and integrated support service.

 

In future posts we will dive further into Identropy’s IaaS solution iMIS (Identropy Managed Identity Service) http://www.Identropy.com/Products_iMIS/.

 

Identity Management Cost Savings Quantified

IT managers and executives alike are seeking ways to not only cut costs but also to improve their business processes. Replacing manual steps with automation can reduce time lost by administrators and employees alike.

Just think about the amount of time tech support spends on changing passwords, or the amount of time it takes an administrator to provision (create new accounts) for newly hired employees across multiple target systems. How about determining what accounts and permissions a new hire should get? That's right, all of these things can be automated based on business rules. Not only is this really efficient, but it's a serious money saver.

The following is a typical cost savings example for an organization with 10,000 users:

 

Total number of users: 10,000

| Item | Current cost | Reduced cost | Notes |
|---|---|---|---|
| Productivity lost by new users waiting for access | $1,200,000 | $240,000 | 10% turnover, 5 days manual/1 day automated user creation, $60k/yr value of productivity. |
| Productivity lost by current users waiting for changes | $1,200,000 | $300,000 | 1 change/user/year, 4 hour wait time reduced to 1 hour. |
| Direct cost of security administration | $480,000 | $240,000 | 8 administrator FTEs reduced to 4. |
| Total | $2,880,000 | $780,000 | |
| Total savings per year | | $2,100,000 | |

 Source 

Doing It First in Identity Management

I am so amazed when I ask myself "how did that guy do it first?". If you think about it aren't you shocked when you think about the first guy that said to himself I am going to eat that octopus or that oyster...I mean if you have ever seen an octopus or oyster you would say how do you eat that? It really doesn’t look like one of the more edible things out there but guess what it’s a delicacy (of course not for me because I’m allergic…so if you ever take me out to dinner skip the seafood).

 

That brings me to the thought of how many firsts you get in this day and age, and I must say that the list of firsts is getting shorter and shorter. Only the really smart guys are producing those firsts. I guess that Innovators will do things first. SaaS ("Software as a Service") and Cloud Computing seem to be the last couple of firsts that I have seen, and I must say they are exciting and innovative, but what’s next and who is going to do it?

 

I don’t think that I will have to go too far to find out who will be the next top innovator. Identropy was mentioned in Gartner’s Magic Quadrant as an Innovator and has consistently produced technology to improve the identity space.

 

What have we done recently to get on this list? IAAS “Integration as a Service” which has been achieved through the inception of iMIS “Identropy Managed Identity Service”.

 

Stay tuned for more briefs or take a look at it on http://www.Identropy.com/Products_iMIS/

 
