Your network ate my fine-grained auth engine: Cisco to acquire Securent

Posted November 1st, 2007 - 1 comment

Cisco has announced it has agreed to acquire Securent. First, of congrats to my friends there. Well done.

Second, I have to wonder about this one. It makes a form of sense to integrate Securent into SONA. That makes sense… at some point. I wonder how baked the addressable market is for fine-grained authorization capabilities managed from the network through the application stack. Abstracting routing tables to business processes and objects is definitely an interesting one, but when does it really transition from an interesting academic exercise into a Cisco-sized market?

Third, Andras Cser over at Forrester writes:

Given the fact that enterprises are increasingly looking for integrated IAM stacks, the entry of Cisco into the entitlement management market will require a clear strategy of becoming a provider of IAM solutions either through organic growth or by acquisition.

If Cisco is really getting into the IAM market, they picked a bit of an unusual beachhead. Entitlement management and fine-grained auth are emerging submarkets within IAM; they are important, but are significantly smaller markets than web access management, enterprise single sign-on, user provisioning, etc. If Cisco is that serious about tackling this market, it seems to me they would have started with a more mainstream, mature area.

November 1st, 2007 | Tags: , , , | Category: Identity Management | One comment

DIDW: Sun’s deployment of Sun Identity Manager

Posted September 24th, 2007

I love customer deployment stories.  I especially love hearing about vendors deploying their own products.  In this case, Sun and Deloitte were talking about deploying Sun Identity Manager internally at Sun.

They covered the usual tips for a successful deployment:

  • Involve the business
  • Planning makes all the difference
  • Don’t bite off more than you can chew

Pretty standard stuff that always bear repeating.
There were some very interesting other observations:

  • For complex systems, like ERP, get the vendor involved in the provisioning project
  • Plan for testing early in the project
  • Plan for sustaining the deployment, turning it from a project to a program early in the project

The idea of getting the complex system vendor involved in the provisioning project strikes me as both novel and extremely effective. The nuances of complex systems like ERP and mainframe security can bedevil a provisioning project.  Might as well go to the experts early.

Their last point on planning for sustaining the project echoes a point the Phil Becker and I made last year on identity management as a lifestyle and not a project.  You’re going to live with you decision for a lot longer than you probably expect.  You have to plan on how to sustain the deployment and turn it into a key thread in the fabric of business services the organization relies upon.

Deloitte speaking across all of their deployments, not just Sun’s, had some interesting observations as well:  Continue reading "DIDW: Sun’s deployment of Sun Identity Manager"...

September 24th, 2007 | Tags: , , , , | Category: Identity Management | Leave a comment

A small indicator of why Digital ID World is legit

Posted September 24th, 2007

It’s day one of Digital ID World 2007.  This is my third or fourth trip to DIDW.  This ever-growing event always impresses with the level and quality of conversation.  During the keynotes this morning, I got a glimpse of something small and to me something quite telling.  I saw Phil Becker and Eric Norlin, the brains and brawn (I’ll let you figure out which one is which), sitting on the floor off to the side of the packed meeting room.  These guys have always put the emphasis on hearing real world deployment stories and in doing so have always elevated their audiences to active participants.  To see the heads of the conference sitting on the floor to allow more attendees to have a place to sit is, to me at least, a sign of their character – totally legit.

September 24th, 2007 | Tags: , | Category: Identity Management | Leave a comment

Part 3 of my compliant provisioning series

Posted September 20th, 2007

The final installment of my series on compliant provisioning is up on Audit Trail.

For those of you headed to Digital ID World, let me know and we can catch up. (I’m looking at you members of the Mark MacAuley supper club.)

September 20th, 2007 | Tags: , , , | Category: Identity Management | Leave a comment

Partial automation is equivalent to partial deployment

Posted September 5th, 2007

Part two of my three part series on Audit Trail.

September 5th, 2007 | Tags: , , , | Category: Identity Management | Leave a comment
Older Entries »  
Home
  « Newer Entries