Dave Kearns offers a concise explanation of the core difference between user-centric identity and enterprise identity. His summary:
Enterprise-centric identity management is really all about tying together all the activities and attributes of a single entity into a readily accessible (and reportable and auditable) form. User-centric identity is about keeping various parts of your online life totally separated so that they aren’t accessible and no report can be drawn.I like the simplicity of this explanation. I think it really captures the essence of the difference in an understandable way.
In this article from ComputerWorld, the Director of IS, strategy and architecture at Universal Service Administrative Co. is profiled. He talks about his current project:
An IAM framework will allow for customer information of applicants and contributors to remain consistent across IT platforms while spanning new and legacy systems and applications. My goal is to have one authoritative repository for contributors' and applicants' access information that will be used in managing a secure access control infrastructure. I believe that identity and access management will become an underpinning technology that IT leaders need to address.He goes on to say that Identity Management is the most critical technology of the year. It's nothing earth shattering, but I always give priority to real customer insights.
Interesting Service Offering
I've discussed the idea of outsourcing identity and managed identity services, but CoreBlox, a company founded by ex-Netegrity folks, have this posted in their service offerings:
Dedicated CA SiteMinder Support Professional
It's an interesting twist on managed identity services and one that I think would resonate with customers. I've known a number of companies who would've liked to just outsource the identity support role to someone who knows what they're doing -- without having to hire and without having to pay for a full-time resource who sits around waiting for something to go wrong. One of the things I like about this is that CoreBlox isn't trying to provide a support professional for any identity system. They're focused on the technologies that they know.
So, if you had a provisioning solution from Courion or SAP and Siteminder for Web Access, you might need to go to two different people or companies to get the right support. BUT - that focus on core expertise is a recipe for success (especially in a support role). And likely still more cost effective than hiring, training, and retaining someone to support these complex systems.