[Log In] []

Exploring the science and magic of Identity and Access Management
Saturday, April 30, 2016

Kuppinger Cole: Computer-Centric Identity Management

Identity, Information Security, Internet of Things
Author: Mark Dixon
Wednesday, April 27, 2016
8:16 am

Yesterday, I enjoyed attending a webcast entitled, “Computer-Centric Identity Management.” Led by Ivan Nicolai, Lead Analyst at Kuppinger Cole, the presentation was subtitled, “From Identity Management to Identity Relationship Management.  The changing relationship between IAM, CRM and Cybersecurity.”

I found the presentation to be concise, informative, and thought-provoking – particularly the concept that the IAM practitioner must transition from the role of “protector” to “enabler”.

I think the following diagram does a good job of illustrating the relationships people have with organizations, mobile communication devices and other devices in the growing world of IoT. Identity Relationships are critical in enabling the potential of Digital Transformation.

Kc

 

2016 Data Breach Investigations Report

Identity
Author: Mark Dixon
Tuesday, April 26, 2016
7:39 am

VerizonBIR2016

Verizon’s 2016 Data Breach Investigations Report (DBIR) is now available to download:

The 2016 dataset is bigger than ever, examining over 100,000 incidents, including 2,260 confirmed data breaches across 82 countries. With data provided by 67 contributors including security service providers, law enforcement and government agencies, this year’s report offers unparalleled insight into the cybersecurity threats you face.

Enjoy!

 

Digital Business – Do We Have the Right Buzzwords?

Business, Identity
Author: Mark Dixon
Monday, December 7, 2015
9:17 pm

Today at the Gartner IAM Summit today I heard the term “Digital Business” dozens of times.  Do you think we have the right collections of buzzwords to describe that trend?

Buzzwords

Thanks to the Marketoonist for the insightful drawing!

 

Enabling Digital Transformation with REST API

Identity
Author: Mark Dixon
Friday, September 4, 2015
3:39 pm

I was recently introduced to a powerful new tool created by the folks at Persistent Systems, a long time Oracle development and systems integrator partner. The Oracle Identity and Access Management platform has a very rich set of Java APIs that enable developers to access nearly all of the functionality this platform from external applications.  The challenge is not completeness, but complexity.  To take advantage of this rich API set, external developers have to know much about the internal workings of the IAM products and the intricacies of writing the Java code to access the APIs.

The Persistent Systems engineers have developed a REST API on top of the Oracle Identity Governance Java API that exposes OIG capabilities in a much simpler, more “process friendly” way. For example, a few services available are:

  • User Access Request
  • Get User’s Provisioned Roles
  • Acting on Pending Authorizations
  • Authenticate User
  • Authorize User

… and the list goes on.

How would you like to translate those “business level” requests into Java API calls?

To demonstrate the capability of the REST API, a developer at Persistent Systems created the application shown in the image below, with a clean, easy-to use interface for OIG approvals and certifications – all without being an expert in Java or the detailed processes within OIG.  The iPhone and Apple watch images include screen shots from my phone and watch.  It really does work!

The most important thing to consider is not the neat user interface – although it has some cool features – it is how an intelligently constructed REST API can provide development agility, application flexibility and rapid deployment, all essential enablers for digital transformation.

Persistent Systems

 Leonardo Da Vinci has been credited with the wise statement, “Simplicity is the ultimate sophistication.”  I think Leonardo would like this approach.

 

On this day in 1968: The First US ATM

Identity, Technology History
Author: Mark Dixon
Wednesday, September 2, 2015
10:44 am

Atm

Sixty two years ago today, as I was commencing my junior year in high school, the first Automated Teller Machine, called the “Docuteller,” began dispensing cash at Chemical Bank in Rockville Centre, New York. According to a Wired article

It marked the first time reusable, magnetically coded cards were used to withdraw cash.

Nowadays, ATMs are ubiquitous. Mag stripe cards are widely used for identification at ATMs and in many other applications. EMV chip-and-PIN cards are becoming more broadly used in the US, although they have been used widely in Europe for many years.

Wide proliferation of ATMs dramatically changed the consumer banking industry. I suppose that mobile banking apps and mobile payments are now changing banking as dramatically as ATMs did over the past sixty years!

By the way, the Chemical Bank ATM was not the first ATM in the world.  The British beat the US by a couple of years, albeit without the mag stripe plastic ATM card. According to Wikipedia

It is widely accepted that the first ATM was put into use by Barclays Bank in its Enfield Town branch in north London, United Kingdom, on 27 June 1967. This machine was inaugurated by English comedy actor Reg Varney  This instance of the invention is credited to John Shepherd-Barron of printing firm De La Rue, who was awarded an OBE in the 2005 New Year Honours. This design used paper cheques issued by a teller or cashier, marked with carbon-14 for machine readability and security, which in a latter model were matched with a personal identification number (PIN).

Atm

We have come a long way!

 

No, I don’t want to engage!

Business, Identity
Author: Mark Dixon
Monday, June 22, 2015
8:05 pm

Do you ever wonder why in the world you receive the ads you do on Facebook or other online venues? Methinks personalized, targeted advertising still has a long way to go.

Marketoonist 150622 engage

 

Do We Need a Mobile Strategy?

Identity, Mobile
Author: Mark Dixon
Friday, May 8, 2015
11:44 am

It is quite amazing to me how many customers I visit who are really struggling with how to handle mobile devices, data and applications securely.  This week, the following cartoon came across my desk. the funny thing to me is that the cartoon was published in 2011.  Here is is 2015 and we still struggle!

Marketoonist

 

KuppingerDole: 8 Fundamentals for Digital Risk Mitigation

Identity, Information Security
Author: Mark Dixon
Tuesday, May 5, 2015
1:45 pm

Mk

Martin Kuppinger, founder and Principal Analyst at KuppingerCole recently spoke in his keynote presentation at the European Identity & Cloud Conference about how IT has to transform and how Information Security can become a business enabler for the Digital Transformation of Business

He presented eight “Fundamentals for Digital Risk Mitigation” 

  1. Digital Transformation affects every organization 
  2. Digital Transformation is here to stay
  3. Digital Transformation is more than just Internet of Things (IoT) 
  4. Digital Transformation mandates Organizational Change
  5. Everything & Everyone becomes connected 
  6. Security and Safety is not a dichotomy 
  7. Security is a risk and an opportunity 
  8. Identity is the glue and access control is what companies need

I particularly like his statements about security being both risk and opportunity and that “Identity is the glue” that holds things together.

Wish I could have been there to hear it in person.

 

IAM Euphemism: Opportunity Rich Environment

Identity
Author: Mark Dixon
Monday, May 4, 2015
8:36 pm

Recently I heard a  executive who had been newly hired by a company describe their current Identity and Access Management System as an “Opportunity Rich Environment”. Somehow that sounds better than “highly manual, disjointed, insecure and error-prone,” doesn’t it?

 

 

In Pursuit of a “Known Traveler Number”

Identity, Travel
Author: Mark Dixon
Wednesday, April 22, 2015
4:59 pm

Precheck

I have been using the TSA PreCheck service since soon after its inception in 2011, without paying an enrollment fee, after being invited by US Airways to participate. This has allowed me to use the simpler and faster TSA PreCheck lane at airport security, rather than joining the majority of fliers in regular security lines. However a couple of weeks ago, I received a notice from American Airlines, which is merging with US Airways, that I now needed to register for a “Known Traveler Number” (KTN) so I can continue to use the PreCheck service. I don’t really know why my gratis status is no longer acceptable, but it apparently it is.

So, I filled out a pre-registration form at Universal Enroll last week, booked at a screening appointment at a registration center a few miles from my house, and went through the final process today. 

Today’s registration process was unexpectedly painless. It took less than 15 minutes, including a short wait in the lobby, fingerprinting, stepping through a series of Identity Proofing steps and paying the $85 fee. Alas, I still don’t have a KTN.  That is supposed to be issued in a week or two after some big computer in the sky processes my information. Then, I am supposed to be set up to use the PreCheck lane every time.

The downside?  The government has me in yet another identity database.  My KTN will be linked to my SSN, as well as to my fingerprints and other personal identification data. Big Brother seems closer than ever before!

Next step after the KTN?  I will need to get a new Arizona drivers license that is Real ID compliant before January if I want to continue flying. Yet another Federal tentacle into my life! 

 
 
 
 
Copyright © 2005-2013, Mark G. Dixon. All Rights Reserved.
Powered by WordPress.