April 11, 2007

What Precisely is Identity Management?


“The human experience of IDENTITY has two elements: a sense of belonging and a sense of
being separate.” - Salvador Minuchin, 1974

Identity management technology is ideally suited to automating processes that enable Sarbanes Oxley compliance. It specifically addresses security processes associated with establishing “adequate internal controls” around financial reporting, as required by SOx section 404(a). By mapping these processes as well as internal security policies to automated identity management, enterprises can leverage highly efficient and cost-effective technology frame-works for improving security and ensuring compliance. In addition, the right identity management solution can bring about greater operational efficiencies in general, and provide a significant return on investment for the enterprise.

Drivers for Identity Management
• Organizational Efficiency. Enable transactions and person-to-person communication.
• Competitive Advantage. Capturing new or larger shares of markets and enhancing company position against competitors.
• Security. Enable authorized access and prevent unauthorized access to information and services
• Speed of Reaction to Change. Mergers, reorganizations, departmental moves.
• Fraud Prevention. Hard to quantify, but can clearly provide major savings.
• Consistent Treatment of the Individual. “End-to-end” management of employees, “single view of the customer,” “joined-up government.”
• Integrated Information Infrastructure. Enable move away from “information silos” and “IT-processing chimneys.”

Real world Examples:
An Indian Office of a top US company, paid salary continously for six months after an employee left the organization.

In one of my previous organization's, the email id of my colleague who left the company existed for almost eight months after he left.

Similarly, in every organization, the current approaches to User/Identity management are crude and fail to provide complete security. A one time Provisioning and one time deprovisioning of identities, with complete auditing facilities for every account created or deleted will be the better solution for the existing problems. This is nothing but Identity Management.

This Domain majorly is composed of the following technologies/domains

1. LDAP/Databases
2. Identity Management
3. Access Management
4. Federation

Product Companies:
The top company for IdM, not to boast but a fact is SUN Microsystems. To see the players in the IdM market and thier positioning, try to google for "Gartner's Magic quadrant for User Provisioning".

I shall try to provide some slides in the near future on the same topics. Meanwhile, enthusiasts are request use the most powerful knowledge tool - GOOGLE.