With regards to Identity Access Management, A lot of enterprise customers are beginning to realize the advantages of identity and access management (IAM) technology as an primary part of their stash of security software programs. Now, IT security operations groups should be paying very specific attention to IAM providers that are fixed on a strategy to scale down the implementation experience.
End users are being pushed to undertake Identity Management (IdM) technology primarily because of the need to abide by regulations such as HIPAA, SOX and PCI. They need to prove accountability around data access and administration. At the same time, these hard-working IT folks also want to provide worth to their company’s employees by supplying them smooth access to the business apps they should have to do their jobs. The last thing IT wants to do is impede the business exec trying to access company data from a motel room as they try to put together a presentation, or keep the sales guy from getting at product statistics and obstructing a likely sale.
IAM implementations are tough though. One chief security officer (CSO) of a huge enterprise I talked with recently states provisioning role-based access control (RBAC) across a organization’s applications is “a huge workload.” Andrew Braunberg, a research director at Current Analysis, agreed. He compares IdM deployments to SIEM deployments, where you need to setup connectors to everything when setting up password management, and says the method is, “a hell of a lot of work.” This is why Braunberg hopes for more consolidation, where IAM is in the end rolled-up into GRC (governance, risk and compliance).
That said, CIOs should be informed of some fascinating trends over the next year, which includes the implementation between IAM and DLP (data loss prevention) compliance technology, to support more automated response following breaches in company policies. Vendors such as Courion are making a lot of hype around these activities, having lately done deals with DLP guru, Symantec and RSA.
An additional interesting idea designed at easing Identity Access Managemnet deployments is to work IdM into SOA (service-oriented architecture), so software architects can dodge the chore of reverse-engineering for each application they are trying to write to. Rather than having to create capabilities (such as IdM) for every utility that needs them, coders can call upon parts of software referred to as services (under the SOA model) to more easily make changes to an app. A number of distributors, including Oracle, have been working toward these capabilities for some time now. The notion behind SOA is business dexterity and this should be music to a CIO’s ears–primarily one that is looking after an Identity Access Management project where developers need to build connectors to a slew of enterprise programs.
