Thursday, December 4

Industry's First Managed Service for Identity & Access Audit

Last week, I mentioned NetVision's new Managed Service Offering. Now, it's official. The press release is out.

I know you don't all want to hear me blabbering on about my products, but bear with me on this one for two reasons:

1 - It's what I do all day, so it's hard to NOT talk about it.

2 - This is REALLY interesting stuff. I'm not talking about a new feature or bug fixes. This is a new way of delivering solutions that really makes life easier and is more cost effective for our customers. Nobody else is doing this.

Here's what it boils down to:

Our software has gotten better over the years. It's been around for a decade and we have scars, battle wounds, lessons learned, and the benefit of the collective experience of twelve years' worth of customers. But, solution software isn't enough.

You need hardware, platform OS software, database and reporting software, and it all needs to be installed, configured, maintained, and integrated. Assuming all of that is done, to get the answers you need, you'll also need knowledge -- of the systems that you want to audit and of the requirements (what questions should you ask).

So let's say that you spend some consulting dollars to get the system set up, it's producing all the right answers, and you get knowledge transfer on how to use the system. What happens when requirements change? Or when the guy who was trained leaves the company or switches roles?

Systems are complex by nature. Understanding how to tie together directory, file system, database, and reporting takes a fair amount of knowledge -- especially when you think about re-configuring, tweaking settings and performance, troubleshooting issues, etc. And when you're doing it for the first time or it's not your primary job function, it can be inefficient to say the least.

So, we put our money where our mouth is. We will maintain the investment in expertise. Expertise in the systems we rely on, the systems we audit, our own system, and the requirements & best practices needed to coax out the right answers. We already do this stuff, so we decided to scale it out a bit and pass the economy of scale cost savings on to our customers.

We made improvements to the management interface, nailed down hardware requirements to an appliance, and put resources in place to provide the service and monitoring delivery.

I'd love to know what you think. I'm particularly interested in those of you who are setting up managed identity services businesses. This is something that can help you keep an eye on the effectiveness of the IAM solutions you manage. AND it can help your customers keep an eye on what changes you might be making to their environment. It's also a great solution for organizations that outsource IT and have no in-house directory expertise but want to monitor access rights and other directory or file system rights changes.

Visit our site for more info on Microsoft Active Directory solutions or Novell eDirectory solutions. I look forward to hearing what you think.

1 comment:

Anonymous said...

A few years ago I did some consulting with a large organization to help them integrate an IAM service into multiple web applications. The process of doing the integration was painful but achievable, and we did manage to get a number of applications integrated over a three year period.

The major problems we encountered with the service included complexity of integration (e.g. multiple platforms), general inflexibility of the service, an over-selling of the service's capabilities and the difficulty managing multiple business and technical teams.

Since that time, I've focussed on clients that want to build and integrate solutions in-house. This has been more rewarding because the technologies and processes are easier to manage and results are more immediate. That's not to say that a service-based IAM solution can't also be successful -- things have changed a lot since 2003, with many of those lessons learned you speak of having been learned already...

The idea of carving out the monitoring and audit function into a service is interesting, and one that is worth investigating. From my experience, if it is flexible and functional, you're probably going to have success.