Who Entitled Me Anyway?

So I got to thinking this morning as I was out catching a few waves before work, that with all the buzz and thought going into entitlements I had to wonder - how did things get so f)*&^(^% up in the first place?

I got to thinking back over the years and how it all starts with onboarding. Remeber onboarding? That was the pain in the ass du jour a few years ago with identity management since it was crucial for provisioning - a big topic 2 years ago at Catalyst in San Diego. So I determined that it all goes back to HR. And perhaps Dogbert is the wizard of it all, but I digress...

If we think about roles and entitlements, I would think that there would have been more backlash in HR groups since they are the ones who ultimately control creation of an identity within a company. At least I hope we don't fill out all of that paperwork for a self service app...

So I got to wondering, what could Oracle and SAP bring to the table around getting off on the right foot to pre build roles into their applications that automatically take care of provisioning and to a certain extent, entitlements?

I have to believe it would simplify some things, especially new deployments and it's not like they haven't been doing this for 20 years and have no idea what to do or where to start. Granted every company has their own set of roles which drive the entitlements so if we address it at the source, wouldn't that help?

Identitystuff@gmail.com

It’s all about the process, but WHY?

I have been up and down the East Coast this week meeting with different companies and beating my ‘It’s about the process’ drum. One question that got me thinking was – why?

I have been noticing the shifting sands of Identity for several years now and have had the opportunity to speak with organizations, and ultimately people, who sell identity management solutions, deploy identity management solutions, and manage and support identity management solutions. There are several things that are very apparent to me, and continue to be reinforced:

1. Compliance is the biggest reason people evaluate Identity management solutions. I believe this stems from (poorly written) legislation that is designed to mandate that organizations have a level of transparency and a level of knowledge about what is really going on inside their systems that run their business. It is no longer acceptable to say ‘I didn’t know about that’. It’s also where the budgets are since management wants to stay out of the papers and out of jail.

2. Convergence of Identity, Privacy, and Security means that there are now impacts beyond each silo that must be considered when evaluating a solution. What are the ripple effects beyond my group/team/business unit. Add in trying to implement a federation model/framework and the waters get muddier.

3. The number of people who have the expertise and experience of both the business drivers and technology implementations is small. Identity management is not a technology project. When I got into the space and starting to position solutions at companies, it was a technology project buy. Now that companies have started to realize that the Identity Management software out there all do 80-90% of the same thing, it has become less about the technology and more about supporting the business process and enabling transparency in a way that business folks can understand (that’s why I believe dashboards have become the must have thing).

4. Support, Maintenance, and Servicing. I also see that companies are starting to understand that an implementation is not the event it once was but the beginning of a business process reengineering effort, that once the technology is implemented, there is s a substantial effort and commitment to care and feed this new system and the processes it is designed to support.

5. I believe that companies - to varying degrees – will start to look at transition processes to off load the ongoing maintenance and management of these systems to service providers who will retain the expertise of both the business and technology components. This means that there is an opportunity for companies to build out teams to do the support, and more importantly quarterly business reviews with their clients to insure things are running smoothly.

It’s About the Process Folks, and having a continuous feedback and ongoing strategy evaluation means that you will get better at defining the processes that will foster transparency, improve how security and privacy are maintained and improved to help your business.

identitystuff@gmail.com

Tom Bergeron Sighting

Tom Bergeron From WHEB in NH, Funniest Home Videos, and Dancing with the Stars is hanging at Starbucks in Portsmouth NH. Not with me per se, but hanging...

Look what I found... Shiny new tool for the Beancounters?

I just had lunch with the CEO of VKernel, and we originally met to discuss some other things, and he told me about VKernel. Having worked with large companies, this is going to be a nice app to have in the IT Operations arsenal.

V-Kernel adds functionality not available in Virtual Center such as Chargeback, Top down reporting on Resources used by multiple VMs to support Business Services, and Storage usage reporting.

In just a few minutes, with these Reports, you can :

Find out how much CPU, Memory, Network, and Storage each VM is consuming.

Understand Total Resource consumption by groups of VMs that support business applications such EMAIL, CRM, and others.

Generate Chargeback reports that are based on actual consumption of resources in your environment.

V-Kernel is a Virtual Appliance. It does not require installation or extensive configuration. Simply drop this appliance into one of your ESX servers and specify which servers you want to report on. That´s it!

Great blog entry - Flying without ID

http://www.thetraveljunkie.ca/articles.php?articleid=146

That is the link that outlines a travelers experience of NOT producing any ID. In light of the Glasgow bombing, I thought this was interesting.

I will also point out that the Jersey Barriers at the airport stopped the SUV. Now that either means dumb terrorists or kick ass concrete. Or they weren't used to driving on the wrong side of the road...

Either way I hope my clansmen keep up their vigilance.