I like the cartoon at this Imanami blog entry. It's funny and makes a clear point about identity management (provisioning) solutions. I'll let them make the point rather than re-write it here. But like the old cliche says, a (moving) picture is worth a thousand words.
Tuesday, February 23
Friday, February 12
I read an article this morning written by SailPoint's Darran Rolls titled How Identity Governance Solves the Compliance. Aside from my feeling that the title was either cut-off or misprinted, the article makes a lot of sense. Rolls writes:
The identity management landscape is changing. The need for stronger auditing controls is giving rise to identity governance tools that are supplanting ID provisioning solutions as the centralized management layer for identity.and later makes the point that:
This ability to translate technical identity data into business-relevant context is a critical advancement from old-school provisioning technology.Yes and Yes.
This is exactly what I've been spending my time on at NetVision. One difference though. Much of Rolls' article focuses on the topics of platform coverage and correlation. While our solution scales and is deployed well into the Fortune 500, most of the organizations we speak to are turned off by the complexity involved with integrating numerous platforms.
NetVision's focus is on core network systems - Microsoft and Novell. That's Active Directory or eDirectory, which hold network user accounts, security groups, and some other entitlements based on account attributes -- and the associated file systems, which are a breeding ground for unauthorized access of sensitive information. Our goal is to be simple and easy to use, with no requirement for in-house expertise on access rights. And we get results on day one.
I'm not trying to give a pitch. My point is that Identity Governance is important. But, it's not one size fits all. While some organizations are looking for the solution with the broadest range of platform coverage and are willing to accept the inherent complexity, many are looking for easy-to-use, simple-to-own solutions that cover core networking platforms.
Who Has Access to What? is the question of the year. Tools that enable you to audit, monitor, alert, and report on access rights are a must-have for driving down audit costs and improving your ability to answer that question. We're entering the next wave in Identity Management. And it's not a pie-in-the-sky utopia of federated identity with built-in governance (yet). It's real-world solutions for answering the question of year with zero effort.