Are you attending the Burton Group Catalyst Conference next week in sunny San Diego? If so, please let me know by commenting on this post or sending me a tweet @mgd. It would be great to connect in person there.
Technorati Tags: Identity,
Digital Identity,
Identity Management,
Catalyst Conference
As I was writing yesterday’s post about Identity Dialtone, I thought of another telephony metaphor that may apply to trends within the Identity industry.
In the early expansion of telephony in the United States, someone predicted that if such heady growth continued, the Bell System would need to employ every woman in the nation to work as a telephone operator – all sitting at desks, plugging wires to connect people together over the telephone network.
In a way, that old prediction came true. Every woman (and man) became a telephone operator. This function was progressively pushed to the edge of the network. Each of us dial (now there is an antiquated word) telephones ourselves. We all sit at virtual switchboards to select people with whom we want to talk.
Perhaps this metaphor can help us understand the demand for and utility of User-centric Identity. Why shouldn’t I select how and when to use my identity information rather than relying on Ma Bell to handle it for me? Why shouldn’t this function be pushed to the edge? Gossipy Cousin Mabel at switchboard central doesn’t need to be in the loop for all the calls I make. Why should a virtual “Cousin Mabel” need to know about all my Identity information?
If history repeats itself, and it often does, we’ll figure out the balance between user-centric and enterprise-centric Identity Management, which I predict will eliminate Cousin Mabel and vest most responsibility in individuals at the edge. Then we’ll figure out something else to blame on Cousin Mabel and Ma Bell – so to speak.
Technorati Tags: Identity,
Digital Identity,
Identity Management,
User-centric Identity
At Sun’s recent New York City Identity Management Roadshow, Jonathan Penn of Forrester Research mentioned the concept of “Identity Dialtone” in the context of Identity as a Service (IDaaS). I find this concept intriguing. We can learn much by comparing the emerging concepts of Identity Services with a tried and true, well-worn system.
For those of us who still use POTS (or Plain Old Telephone Service – what my kids would call “old school” phone service), dialtone is:
These characteristics make telephone dialtone an attractive metaphor for describing the ideal state of Identity Services. Shouldn’t services such as authentication, authorization, adminstration and auditing exhibit the same characteristics both for access by humans and other software programs?
OK. I’ll admit my sights are set pretty high. But if we are so bold as to compare Identity Services to dialtone, we must accept the high standard of performance we embrace. Telephony dialtone has served us well for many years, and is such an integral part of our lives that we seldom think about what it is and does. Yet it is critical to our personal and professional lives. Identity Services should become the same.
Technorati Tags: Identity,
Digital Identity,
Identity Management,
Identity as a Service,
Identity Services
At the Sun’s Identity Management Roadshow in San Francisco, last week, I met Jay Visvanathan, Sun’s Education Market Strategist for Global Education & Research. I was pleased to learn that Jay and his colleagues have taken the initiative to launch a new Sun Identity Special Interest Group (Sun ID-SIG), specifically for those involved in using Identity Management in the higher education market.
From the IDSIG web site: “This Special Interest group is open to higher education customers of Sun’s Identity solutions, as well as companies providing Sun identity management services to higher education. It will be a customer-driven forum providing an opportunity to exchange practical and technical knowledge and experiences with other Sun identity customers. As a member of Sun ID-SIG, you will also stay tuned to the latest news, views, and identity buzz from Sun, partners and customers.”
You can register online to join this emerging community. No fees will be charged.
Any questions can be directed to Jay Visvanathan.
Technorati Tags: Identity,
Digital Identity,
Identity Management,
Sun Microsystems,
Higher Education
At the Sun Identity Management Roadshow held yesterday at the New York City Hilton, Toby Emden, Chief Security Architect for Traveler’s Insurance, gave an excellent presentation about his company’s Identity Management program, which includes deployment of Sun’s Identity Management product suite.
I was particularly impressed with one slide where Toby articulated his vision for the overall initiative. I include it here with his permission:
The Vision
“One man, One goal, One mission. One heart, One soul, just one solution. One flash of light, yeah, One God, One Vision” – Freddie Mercury/Queen
- One Directory Infrastructure to manage all entitlements
- One Provisioning Platform for all critical infrastructure directories and SOX relevant applications
- One Administration Point, where policies and separation of duties rules are defined in the context of available services
- One Identity, based on who you are instead of where you are
- One Policy Decision Point, enabling consistency and risk-based analysis in approving access requests
- One view of who is doing what, who has access to what, and who granted access to what and when
This view of unity and architectural simplicity sets a strong vision to guide the progressive implementation of Traveler’s Identity Management program. Toby’s subsequent explanation of his plan for realizing the vision through well-structured major releases and subordinate projects illustrates Travelers’ adherence to sound Identity Management implementation principles.
Thanks, Toby, for sharing your insight and granting me permission to publish this blog post.
Technorati Tags: Identity,
Digital Identity,
Identity Management,
Sun Microsystems,
Travelers Insurance
Last week, after staying at the Intercontinental Hotel in San Francisco, I read a Twitter message posted by a guy from Europe asking for recommendations for a hotel in San Francisco. After I responded with a brief recommendation for Intercontinenal, my colleague and fellow Twitterer Terry Gardner (@tgardner) suggested I write a review on TripAdvisor.com. So, I signed on and posted my first ever hotel review. You can visit TripAdvisor or read it here:
The Sun Microsystems Identity Management Roadshow, at which I spoke, was held at the Intercontinental Hotel on May 28, 2008. I arrived the night before and was delighted with my room on the northeast corner of the 29th floor, with a magnificent view of the city and across the bay.
An iHome clock radio on the nightstand allowed me to listen to my favorite music while charging my iPod – just like home. And it was the first hotel room where I could watch NBA Basketball in high definition on a large screen – better than home.
The bed was the most comfortable hotel bed I can remember sleeping in – it might have been better than home, except there was an empty spot where my wife should have been!
But after all this, perhaps the best parts were the soups. The soups, you ask? Yes, the soups. For dinner the night of arrival, I had tomato bisque to accompany my cobb salad. I’m not much of a food connoisseur, but is “exquisite” an appropriate word? It was very good.
The next day, the buffet lunch provided for the Roadshow participants included a mushroom soup that was just as delectable.
One more thing … the little plastic bottles of shampoo and lotion were shaped like like drops of rain (or tears). Not the reason I choose hotels, but a nice touch!
And just think, with this much fun, I also got Priority Club points.
Please be assured that I have no intentions of forsaking my day job to join William Shatner in the hotel pitch business, but I enjoyed writing about a nice place to stay.
Technorati Tags: Identity,
Digital Identity,
Identity Management,
Sun Microsystems,
Hotel,
Tripadvisor
Twice in the past week I have been pleasantly reminded about the enduring value of what we post to the web. Last week, I had enjoyed a delightful evening with Dazza Greenwood, who had dredged up my November, 2005, post about Core Identity and contacted me. Today, Tom Scicluna, from Canberra, Australia, contacted me regarding a post I authored in January 2006, entitled, “Seven Identity Management Implementation Risks.” It is nice to know that old information can still be timely and relevant today.
For Tom and anyone else who wishes to review the “Risks” series, here are links to each segment:
By the way, I stumbled across the seven-figured hand on a blog by Roger von Oech. I don’t think it has anything to do with Identity Management, but I liked the picture and the creative thought Roger offered.
Tags: Identity,
Digital Identity,
Identity Management,
Identity Risks,
Project Management
Way back in 2005, when I discussed the Identity Map in this blog, I described “location” as a key Identity attribute. At any point in time, each individual in the world possesses a location attribute (perhaps expressed in longitude, latitude and elevation).
Thanks to the Global Positioning System (GPS), we can detect and leverage our current location to great advantage. For example, “Maggie,” which I affectionately call the Magellean GPS navigation device my wife gave me for Christmas, helps me navigate new and strange cities with ease.
But, alas, a couple of great web 2.0 products, Twitxr and Britekite, are examples of applications that just beg to be GPS enabled.
I use Twitxr frequently as an easy way to post grainy photos from my Treo camera to the web. With just a few keystrokes, my photo shows up on Twitxr, Twitter, Flickr, Facebook, Plaxo and this blog (see right sidebar). Each photo is tagged with the address I specify in the subject line of the email I use to submit the picture. The Twitxr web application uses Google Maps to show where the photo was taken. For example, my latest Twitxr post is a photo of my computer screen as I create this post. If you click here, and then click on address I specified, you can see the photo and a map of Mesa, Arizona, ostensibly the location where the photo was taken.
Like Twitxr, Britekite allows me to submit photos with an address tag. Additionally, users can “check in” at a location of choice without submitting a photo, so friends can know where you are at any point in time. By the way, if you visit me, you can see I am nearly friendless on Brightkite. If you send me your email address on Twitter (@mgd), I’ll send you one of the five Brightkite beta invitations I have.
As handy as these applications are, my big thumbs limit their effectiveness. Typing in specific addresses on a tiny keyboard is inconvenient and tedious. I usually cop out and simply type in the airport code or city/state where I am located. Wouldn’t GPS be great here? If every photo I took was automatically tagged with the precise geo coordinates, I could easily opt to send that information along with each photo I submit to Twitxr or Britekite. Or, I could easily “check in” without the tedious entry of a specific address.
I have already made up my mind that the next mobile phone I purchase must be GPS enabled. Hopefully, Twitxr or Britekite or similar applications that take their place will be able to take advantage of this great feature.
Now, if only Nikon would build GPS into my SLR!
Technorati Tags: Identity,
Digital Identity,
Identity Management,
GPS,
Twitxr,
Britekite,
Twitter,
Social Media
Michelle’s recent article, “The Missing Chair Around Your Boardroom Table,” discusses some key points on these issues.
1. Information is the most valuable asset of a modern enterprise: “Information about individuals is the currency flowing through the enterprise and that enterprise becomes, in a sense, its banker. One of the biggest threats is failing to recognize the power of information as a leverageable asset.”
2. Organizations that store and use sensitive, private information assume a high, quantifiable risk liability that far exceeds the value of physical systems on which it is stored: “To quantify the risk involved, we can look at the case study of breach notification legal requirements. In the U.S., it’s becoming typical for organizations that have been forced to notify customers about a data loss to provide two years of credit protection per record lost. So if you lose a laptop that contained 100,000 records with a standard credit protection cost of roughly $40 per record, per year, for two years, you’re looking at a potential liability hit of $8 million. That figure doesn’t account for brand loss, sales opportunities lost, lawyer fees, or the paper exercise of sending out letters. And that’s just a ballpark – I’ve heard figures from banks up to $500 million, or $250 per record for a major breach.”
3. Enterprises can employ Identity management technology and methods to support privacy requirements by understanding and controlling who has access to networks and systems that contain private information: “Identity management technology is critical to understanding “who” is participating on your network. “Who” is your customer and “who” will serve that customer’s various needs? … technology that can make a big positive impact when deployed with a clear strategy to get in front of the business challenge of “who.”
4. Michelle points out that technology is only part of the answer. She proposes that in each enterprise, “There needs to be an information control officer who looks at information the same way you look at cash, with the nuance that information about human beings is non-replaceable. … You need a leader who understands and cares about data protection and that person must scream from the mountaintops in the language of employees, vendors, and partners to let them know what is expected of them and that data governance is a valuable investment.”
The bottom line: we in the Identity Management industry can do much to enable enterprises, and the information control officers who lead the way, to protect and control use of sensitive information that has become the most valuable asset corporations possess. I look forward to exploring more deeply into this intriguing concept.
Technorati Tags: Identity,
Digital Identity,
Identity Management,
Privacy
For me, Twitter is an interesting, but sometimes maddening enigma – always fascinating, usually distracting and sometimes addictive phenomena. But is it really useful for business? The jury is still out.
However, I had a delightful business encounter yesterday triggered by a Twitter message. On Tuesday afternoon at 2:33pm, I tweeted, “Wrapped up the last of several con calls. Getting ready to head to the airport in route to San Francisco.”
At 2:58 pm, I received an email from Dazza Greenwood, “Just noticed on Twitter you are headed to SF… I’m in the city this week and weekend and wonder if you’d happen to have a few moments to get together and say “hi” in person? …”
Dazza and I had never met in person or talked on the phone. We had exchanged a couple of emails in February regarding my November, 2005, blog post entitled “Core Identity” that had relevance to one of his projects.
So, Wednesday evening, after I completed my duties at the Sun Identity Management Roadshow, I met Dazza in person for the first time at the Glen Park BART station and walked a short distance through that pleasant little community to his home, where we shared fruit and cheese, discussed common interests in Digital Identity and had a short video recording session in Dazza’s home studio. I’ll post the outcome of that session later on this blog.
Thanks, Twitter, for spawning a productive face-to-face meeting that gave personal substance to a previously distant, virtual business relationship.
Technorati Tags: Identity,
Digital Identity,
Identity Management,
Twitter