Thursday, August 04, 2005

The DNA of Identity

So I was at a meeting with Trusted Network Technologies this week where I got to see their solution work. I was theer as a partner not a prospect which which means I had a chance to see the product as it really is, not a preconfigured ultimate solution presentation-ware product demo. My verdict:

One of the best thought out solutions in the market today. Why?

Many vendors (including companies I partner with) like Sun, Novell, IBM, Thor, etc. are focused on application layer identity management (IdM), and in many cases authorization then application layer IdM. TNT goes a *key* step further in my opinion which is to provide an unalterable identity not only to the user but to the machine the user uses.

Why is that significant, because the stakes just went up of somebody spoofing a login (username/password crack) or an IP address. Can someone still get past the virtual moat? Sure. I've always believed that whatever one builds, someone else can break, however, the practical application of this solution is enormous for business. Especially when you narrow down who did what by login, machine, and identity. Why do I call TNT's solution the DNA of Identity? Because I watch a lot of CSI and one of the key things they look for in their evidence is DNA. Your DNA is you in the real world and this is making it more so in the virtual world.

Take for example an offshore firm who does a lot of work for a Wall Street company. VPN's are set up and communication is tolerably secure. Then collusion happens where someone offshore gets moved off of a project at that firm, and gets put on another project at an Indonesian bank and the person's account was never shut off at the Offshore firm or at the Wall Street company. A rogue employee that was just hired from a competitor offshore comes in and gains access to that persons account on the next shift.

How do you know who did it? The more important question is how do you prove it? and the most important question is 'What is the downside/risk of not knowing how it happened and fixing it? This is exactly what I am talking to several Fortune 25 companies about right now, and proposing a reasonable fix.

By the way if you want to contact me and here other real stories where the names of all parties were changed to proctect me and my family, reach out:

Mark Mac Auley


Post a Comment

<< Home