[Log In] []

Exploring the science and magic of Identity and Access Management

To suppose that any form of government will secure liberty or happiness without any virtue in the people, is a chimerical idea. — James Madison

Wednesday, April 1, 2015

Happy 100th Birthday, IBM!

Business, Technology
Author: Mark Dixon
Thursday, June 16, 2011
7:34 pm


It was 100 years ago today that the Computing Tabulating Recording Corporation was incorporated through a merger of four companies: the Tabulating Machine Company, the International Time Recording Company, the Computing Scale Corporation, and the Bundy Manufacturing Company.  It’s name was later changed to International Business Machines Corporation.  Today we salute IBM for its innovation and endurance, its ability to remake itself time after time, and for leading the way to the era of modern computing which we now enjoy.

I highly recommend that you read the ZDNet Article, “IBM at 100: 15 inflection points in history” and step through the accompanying photo gallery, “IBM: 100 years of THINKing big.


I love old photos of the big panels with so many flashing lights.  And that guy probably knows what each of those lights means!


Dilbert and Alice on Meeting Punctuality

Business, Leadership
Author: Mark Dixon
Saturday, May 21, 2011
5:26 am


Have you ever thought what Dilbert and Alice are saying in this comic strip?  Don’t lie, now.



We could all work on being a bit more punctual for meetings and con calls, don’t you think?



Business Continuity as a Service?

Author: Mark Dixon
Thursday, May 5, 2011
12:45 pm


My cyberspace friend André Koot recently translated his provocative blog post, entitled “Continuity as a Service,” from Dutch to English.  If you are interested in cloud computing, I highly recommend that you take time to read the article.

I like André’s comment about cloud computing in general:

The cloud reminds me of that old Blob, the science fiction movie, cloud is becoming so pervasive that it seems to take control of everything. And just admit it, we find that exciting, scary and fun at the same time. But if everything disappears in the fog, how do we know that business is as usual?

We all know that cloud computing has new risks and challenges.  But one risk that is often overlooked is business continuity:

Most risks are well known. Using standard operating procedures, access control and audits we can identify and mitigate problems relatively easy. And already there is a lot of information about security in the cloud. But one area of risk is not yet completely clear, the risks of business continuity.

Although new legal relationships are essential, they certainly don’t solve everything.

But the core of the AAS problem is that contract partners are not always the parties who offers the actual service. You can try to mitigate risks in contracts, but the fact of the matter is that you want to move to the cloud, because of the positive price / performance ratio of multi-tenancy and the (re) use of standard applications. Long term subcontractor relations in the real world don’t exits in the Cloud. If one platform provider is too expensive, our service provider just moves to another. This means that we are victims of the arbitrariness of our providers.

André  goes on to explore several situations that should be carefully considered:

  • What happens if the SAAS provider goes away?
  • Is “Cloud Escrow as a Service” a valid concept?
  • What happens if the PAAS provider underneath the SAAS provider goes away?
  • What measures should you take now so you can endure a cloud failure?

André’s parting comments are certain timely:

The uncertainty surrounding continuity is high at this moment. The question is whether for business-critical applications sensible solutions in the cloud exist today. An assessment around the continuity and security risks and safeguards in place seems to be appropriate.

Amazon’s recent challenges certainly focused our collective attention on this important subject. In order for the challenges related to business continuity in cloud computing to be solved, there is much work to be done.

By the way, I thought the photo of a life preserver in the clouds was very appropriate for this post. It came from a blog post about business continuity by Maurice Saluan, VP-Channel Management for Zenith Infotech, a company heavily involved in cloud computing and business continuity.


Business Value from Identity and Access Intelligence

Business, Identity
Author: Mark Dixon
Wednesday, April 27, 2011
4:27 pm


It was almost two months ago when I first mentioned on this blog the term coined by Gartner, “Identity and Access Intelligence.”  I have been thinking much lately about the real business value enterprises can derive from this discipline, and will attempt in this post to enumerate and comment on such benefits.

As good fortune would have it, my Oracle Colleague Nishant Kaushik shared with me a copy of a presentation deck he used recently, entitled, “Identity Intelligence to Drive Business Objectives.”

For the purpose of this discussion, we will use the term “IAM Intelligence” to refer to “Identity and Access Intelligence” or “Identity Intelligence”. Furthermore, we will regard IAM intelligence to include tools for IAM data collection, aggregation, analysis, presentation and automated action, coupled with the human processes for seeking to understand, present and act on that data – the transformation of data into actionable intelligence.

Earl Perkins of Gartner put it this way:

IAM intelligence is more than knowledge for IT users to make IT users’ lives easier. IAM intelligence can be part of the business intelligence realm if properly analyzed and presented to the right audiences.


Primary Business Benefits

The following major business benefits can accrue from IAM intelligence.  These are roughly the same as Nishant used in his presentation, in a slightly different order.

  1. Enable Visibility and Transparency.  If an enterprise is to effectively answer the compelling questions, “Who has access to what?”, “Who granted that access?” and “How were such assess rights used?”, a great degree of information visibility and transparency is needed.   The questions are simple; the process of answering them is not.  IAM intelligence seeks to answer these questions quickly and accurately, in a manner that reduces business risk and increases regulatory compliance at a resonable cost.
  2. Support Business Decisions.  Good business decisions should be based on reliable information, not on supposition.  A client recently remarked,”We need to base our decisions on facts, not just on what we think those facts are or should be.”  IAM intelligence provides the foundation for making good business decisions based on reliable information.
  3. Turn Data into Insight, and Insight into Action.  With the expansion of IAM infrastructure for administering user, role and entitlement life cycles and enforcing access policy, the amount of relevant Identity and Access data is immense.  That raw data does little good unless we can effectively organize and analyze such data so effective business decisions can be made and intelligent action can be taken as a result.  IAM intelligence enables the transformation of raw data into actionable insight.
  4. Strengthen Identity & Access Governance. The structured method for managing IAM systems, or IAM Governance, can be made more effective if accurate, reliable, timely and actionable information is available for IAM stakeholders to make good decisions.
  5. Identify, Measure and Manage Risk.  To effectively manage risk, an enterprise must accurately identify what risks exist, create policies for dealing with such risks, and implement effective controls for enforcing those policies.  Actionable information provided by IAM Intelligence can enable enterprises to correctly identify, understand and control risk.
  6. Contain Costs. Gathering and evaluating data through manual means can be very expensive, including initial data collection, manipulation, analysis and presentation.  Automated Identity Intelligence methods can minimize costs by taking labor out of the process.
  7. Build Trust. In order for any information system to become an effective foundation for business execution, business leaders must implicity trust the tools and processes that comprise the the system.  An effective IAM Intelligence system will provide that trusted foundation that a business leader can use to guide his or her business activities.


Benefits from Automation

Why can’t we just use some smart people armed with spreadsheets to accomplish the same objectives?

  1. Accuracy. Manual methods of data collection and organization inevitably introduce errors, which at best are difficult to find and correct, and at worst, alter business decisions in unfortunate ways.
  2. Timeliness.  Manual methods often take a lot of elapsed time, causing business decisions to be delayed and needed actions to be postponed.
  3. Presentation.  While much can be done with spreadsheet graphics and reports, more powerful reporting, dashboard and presentation facilities may be available with an automated system.
  4. Repeatability.  Manual methods may vary as different people become involved at different parts of the process, causing variabiltiy in results from cycle to cycle.
  5. Auditability.  Manual methods are more difficult to audit, because of the variability in the human part of the process.
  6. Cost control.  The costs of manual methods often exceed automated processes, because the labor content of the process recurrs in every cycle. Automated methods can reduce these costs


The Bottom Line?

The overall benefit we realize from IAM Intelligence is the ability to take effective business action, based on intelligent business decisions … leading to faster, stronger business success.

Copyright © 2005-2013, Mark G. Dixon. All Rights Reserved.
Powered by WordPress.