Tuesday, November 25, 2008

Managed Identity Services Winner

Thanks to everyone who filled out the Managed Identity Services survey. We finally identified the winner of the giveaway....and the winner is Niall McLoughlin! Enjoy your new iTouch! Thanks Ian for all the work on the survey, and thanks Matt for aiding with the whole winner selection thing.

Sunday, November 23, 2008

A Few More Snappy IdM One-Liners...

In response to my request for snappy one-liners that would be applicable for identity projects, Jeff Bohren and Mike Conklin (welcome to the blogosphere, Mike!) provided some input. Here are some of my favorites:

  • The dirty little secret about provisioning is that it’s really all about deprovisioning.
  • You shouldn’t start out trying to do account management by adding another account to manage.
  • It doesn't matter what you do on the back-end -- if the end users (and project sponsors) can't see tangible results that affect their day-to-day activities, all the process re-engineering and data clean-up in the world is going to go unnoticed and unappreciated.
  • For whatever reason, hearing the exact same thing come from an outside consultant actually sinks in with management, but this never seems to happen for internal people :)
Seems like fun so far... so, I'm tagging Matt F., Matt P., Azeem Khan, Mike Trachta, Ian Yip and Jackson Shaw (just to throw a little product in the mix) to contribute their wit to the conversation.

Tuesday, November 18, 2008

It's About the Business...

I just got back from another long day with a client to aid them lay out their identity management roadmap. I've noticed a few interesting recurring themes:

  • Good technology can't compensate for bad processes (although it might make it less painful)
  • Fixing your data without fixing your processes is like painting your house on a rainy day
  • Throwing more software at an identity problem usually exacerbates it
  • A dollar in an identity project doesn't take you as far as you'd expect (even though its well worth it)
  • What business users think is happening is quite often vastly different than what is happening under the hood
Any other snappy one liners?

Wednesday, November 05, 2008

Repealing SOX and Identity Management

Newt Gingrich and David Kralik wrote an op-ed in today's San Francisco Chronicle about repealing SOX. I've been following the buzz around this for a few months, but it always has a bit more bite when it comes from a former Speaker of the House. Gingrich and Kralik outline a number of convincing reasons to repeal SOX, including its negative impact on the IPO market as well as its failure at "...preventing insolvencies and accounting shortfalls in companies such as Bear Sterns, Lehman Bros., American International Group (AIG) and Merrill Lynch." The last lines of the article are very action oriented,

With a new presidential administration and a Congress convening in less than three months, now is the time to begin thinking through the solutions needed to address our economic challenges. Economic growth in a sound market economy requires smart regulation, not destructive regulation that hurts economic growth. Sarbanes-Oxley fails that test. It should be repealed.

I've written previously on the need to move away from compliance as *the* driver for identity. A legislative act such as this could force our hand as an industry. Being personally involved in the process, I am acutely aware of the impact that compliance has on quickly approving budgets for projects, and the way IT has leveraged SOX in order to push projects of their liking (even if its true ability to demonstrate compliance was suspect). This hyper-compliance environment may have created complacency on our end from the perspective of demonstrating the true value of identity for the business. Anyway you slice it, if SOX gets repealed (or slimmed down, as I expect it will be), we're going to have think a little harder, and I think that's a good thing.

Tuesday, November 04, 2008

Random Thoughts on Hitachi and Construction Cranes

Looking outside of my window this morning, I noticed a construction crane with the label "Hitachi" on the side. I kind of chuckled at the notion that a company could provide Identity Management software and construction machinery at the same time. Being part of startups nearly my entire career, where focus and niche is everything, my narrow view of the world makes it difficult to comprehend that a company could do such vastly different things effectively. Then again, it's not the first time. Siemens has its foot in the Identity world, and makes hearing aids and dishwashers too.
Does laser focus in the startup world not apply to larger corporations? I'm sure there are a few dozen books on the topic...time to go find 'em.

Monday, November 03, 2008

The Answer is...On-Premise Managed Identity Services

Ian has posted his findings from his Managed Identity Services survey. My primary interest around the survey was to see if data could be collated that could identify characteristics of a managed services solution around IdM that would make customers "comfortable". (In the past, I've posted on the "comfort vs. security" notion). Anyhow, some tasty nuggets are below. Go to the real survey findings for more.

  • 67% of respondents have already completed a provisioning implementation (3% as SaaS, 10% have done it in some type of managed service offering, 37% have host and manage it themselves)
  • When asked what model they would prefer, 19% wanted SaaS, a whopping 36% wanted an on-premise managed service, 19% wanted an hosted managed service model (that's a total of 55% who are looking for a managed service offering!), while only 13% want to handle it all themselves.
  • When asked about what was the barrier preventing them from outsourcing IdM, 22% identified security risks around data being held outside of their infrastructure, 20% said risks regarding external people access their environment, 14% said cost, 11% said loss of control.
So, it seems that although most respondents managed it themselves, over half wanted a managed service model. The risk around data being held outside of their infrastructure could be alleviated by an on-premise model, although I don't think that the significant 20% who didn't want outsiders accessing their environment will be appeased by any solution.