(The basic text to my talk at Defragcon 2014. The slides I used are at the end of this post and if they don’t show up you can get them here.)
What have we done to manage people, their “things,” and how they interact with organizations?
The sad truth that we tried to treat the outside world of our customers and partners, like the inside world of employees. And we’ve done poorly at both. I mean, think about, “Treat your customers like you treat your employees” is rarely a winning strategy. If it was, just imagine the Successories you’d have to buy for your customers… on second thought, don’t do that.
We started by storing people as rows in a database. Rows and rows of people. But treating people like just a row in a database is, essentially, sociopathic behavior. It ignores the reality that you, your organization, and the other person, group, or organization are connected. We made every row, every person an island – disconnected from ourselves.
What else did we try? In the world of identity and access management we started storing people as nodes in an LDAP tree. We created an artificial hierarchy and stuff people, our customers, into it. Hierarchies and our love for them is the strange lovechild of Confucius and the military industrial complex. Putting people into these false hierarchies doesn’t help us delight our customers. And it doesn’t really help make management tasks any easier. We made every node, every person, an island – disconnected from ourselves.
We tried other things realizing that those two left something to be desired. We tried roles. You have this role and we can treat you as such. You have that role and we should treat you like this. But how many people actually do what their job title says? How many people actually meaningful job titles? And whose customers come with job titles? So, needless to say, roles didn’t work as planned in most cases.
We knew this wasn’t going to work. We’ve known since 1623. John Donne told us as much. And his words then are more relevant now than he could have possibly imagined then. Apologies to every English teacher I have ever had as I rework Donne’s words:
No one is an island, entire of itself; everyone is a piece of the continent, a part of the main. If a clod be washed away by the sea, we are the less. Anyone’s death diminishes us, because we are involved in the connected world.
A few weeks back I had the pleasure of delivering my ideas for the Laws of Relationships. The Laws are meant to be design considerations to everyone building, deploying, or consumer identity relationship management services. The team at ForgeRock, our hosts at the IRM Summit, were kind enough to video the talks. What follows is both a video of my delivery as well as the slides themselves. I am very much interested in getting feedback on this. I want to channel the response into the Kantara Initiative Working Group that is forming around IRM.
Here it is… week 10 of my new job at salesforce.com. Needless to say it has been a bit of a blur. Part of my gig here is to hit the speaking circuit. I was at the European Identity Conference a few weeks ago talking about killing off IAM and how it should be reborn, and next week I am off to the Identity Relationship Management Summit. I have to say, I am little nervous about speaking at IRM this year… not one, but two of my ex-bosses will be speaking there, not to mention my current one.
I have to admit when I first heard the noise surrounding Identity Relationship Management, I cringed, especially when people started referring to it as IRM. IRM sounds way too much like DRM to me and that just leads to bad things. Furthermore, my concerns with what Kantara and ForgeRock laid out was that it didn’t necessarily address relationship management; they presented the needs of modern IAM well but didn’t present the needs of relationship well. However, after many conversations and email threads, I still loathe the IRM name but have come around to the larger mission that Kantara has in mind. Simply put, relationship management is the future of identity and access management.
The Laws of Relationships (A Work In Progress)
Taking a page from the work that Kim did with “The Laws of Identity,” I wanted to provide the starting point for the community to build a similar set of design constraints and considerations for relationships and relationship management technologies. Our current IAM methods will be insufficient in a near future in which we are dealing with an unreasonable number of people and things and the relationships between them. At the IRM Summit, I’ll be presenting a strawman set of laws for relationships to help us think about this coming future. To that end, here is a preview of the laws (and axioms and attributes) of relationships. Continue reading “The Laws of Relationships (A Work In Progress)”
I gave this talk a few months ago. I had just finished writing our 2013 Identity and Privacy Planning Guide and was trying to think of a different way to express what I had written. What I came up with was this very very different way to express what I had written. I’d love your feedback. Also, no commas were harmed in the filming of this presentation.