On Identity Management

During the last 3-4 years, Identity Management appears as the next big thing in the Information Security arena: know your users, what they do, what resources they can access, how, when and why and for how long…. Quite interesting as a concept, taking into account the really fast pace organizations adopt new systems and maintain access control operations (if so they do).

Based on the cornerstone of RBAC, IdM seems both as the strategic and tactical solution on user’s management (not mentioning federation issues). Too complicated for a Sunday evening…

I was recently involved into delivering an RFP response for a major financial institution on the region, cooperating with one of the leading IdM vendors according to the Gartner Group. I’ve got some years experience in dealing with NASDAQ companies when it comes to respond to RFPs (I also -kind of- work for a NASDAQ company), so I’m familiar with their internal procedures, and the heavy effort I have to put before even thinking of organizing chaos.

I also have some experience in IdM projects, having participated myself in one of the biggest installations in the region, so this project is not something out of space to me.

At the end of the day, it all comes down to 5 elements: business benefits, technology, project management, products and services. These elements are what the customers evaluate (I leave budget aside…). So by having a good vendor at the side of your skilled employees, being able to present a straightforward solution with a corresponding methodology and justify your costs is -more or less- the keys to deliver a good response to an RFP.

As told before, I cooperated with a Gartner Group leader in IdM, a really huge (really..) company. And here is my story, that provides a fairly good explanation of how IdM concept was originally perceived..

Setting up meetings to discuss the RFP was a real pain: 6 different representatives, from 6 different departments with -unclear to me but strongly defined- Chinese walls to prevent them from knowing what each other does. After the Japanese habit of collecting business cards, started to discuss on the deliverables that would compile our response the funny game begun.

Pricing for licenses are finalized by the Senior Account Manager of Technology/Financial Institutions and Healtcare, but only after services are finalized by the Manager of Consulting Services for Authentication/Technology Practice, EMEA. Services, on the other hand, are defined from the Project Office only after the Technology Operations and IdM Architect Teams have agreed with the VP of Sales on Strategic Accounts Management and described by the Manager of Consulting Operations for Technology. And do not forget validation from the Principle Alliances Manager… Come on!

I now understand that the idea of IdM was originally perceived by a poor HR guy (be it a lady, does not make any difference) in one of these vendors, that had the task of depicting the corporate organization chart in A0 paper, playing the game of “who is who” and “who does what” in such a company.

My point: I don’t believe in technology solutions that do not solve a problem but transfer the problem on yet another higher level (let alone those who claim to solve another problem) – I never did and most probably I’ll never do so. I do not believe in overestimated hypes that cannot justify their reason of existence. I do not believe in complicated technologies that miss their targets, which is actually managing subjects performing access control operations on objects – and this is what IdM does not do. In fact, I cannot manage a non-established identity using software – period.

Revisit the basics: define the problem and solve it, halelujah ! All in all, once more: it is not that they cannot see the solution; it is that they cannot see the problem…

12 responses

  1. I have read several good stuff here. Definitely worth bookmarking for revisiting. I surprise how much effort you put to create such a wonderful informative website.

  2. Somebody essentially help to make seriously posts I would state. This is the first time I frequented your web page and thus far? I amazed with the research you made to create this particular publish amazing. Excellent job!

  3. I’m impressed, I must say. Very rarely do I come across a blog that’s both informative and entertaining, and let me tell you, you’ve hit the nail on the head. Your opinion is important; the issue is something that not enough people are talking intelligently about. I am really happy that I stumbled across this in my search for something relating to it.

  4. I am extremely impressed with your writing skills as well as with the layout on your weblog. Is this a paid theme or did you customize it yourself? Anyway keep up the nice quality writing, it’s rare to see a great blog like this one these days..

  5. Hey there, You have done a fantastic job. I will certainly digg it and personally suggest to my friends. I am sure they will be benefited from this site.

  6. Wonderful web site. Plenty of helpful info here. I’m sending it to a few friends ans additionally sharing in delicious. And of course, thank you for your effort!

  7. What i do not understood is actually how you’re not actually much more well-liked than you might be right now. You’re very intelligent. You realize thus considerably relating to this subject, produced me personally consider it from so many varied angles. Its like women and men aren’t fascinated unless it is one thing to accomplish with Lady gaga! Your own stuffs nice. Always maintain it up!

  8. What a great website. I am happy I found it.It’s nice to read something interesting I cannot find subscription list

  9. Hello everyone. I was just surfing the Internet for fun and came upon your website. Terrific post. Thanks a lot for sharing your experience! It is good to know that some people still put in an effort into managing their websites. I’ll be sure to check back from time totime.

  10. I’m not that much of a online reader to be honest but your blogs really nice, keep it up! I’ll go ahead and bookmark your site to come back later. Cheers

Leave a Reply

Your email address will not be published. Required fields are marked *