Month: January 2010

Identity Management – Vendor solution Vs OpenSource

Identity management provides holistic solution for compliance, security requirements, and improve  overall IT operation. Following are major vendors and their products providing IDM solutions in the market

– IBM/Tivoli Identity Management
– Oracle Identity Management (or Oblix/COREid/Thor)
– Computer Associates Identity Management (or Netegrity)
– MIIS (Microsoft Identity Integration Server or MMS (Microsoft Management Server) or Zoomit)
– SunOne Identity Management
– Novell Identity Manager
– BMC Identity Management (or Passlogix)

Before any organization implements IDM, it is best practice from program management office standpoint to develop a business case and return on investment.

How to create a measurable ROI for IDM investment?

If help desk operation is expensive in an organization, measurable ROI development is possible whereas if help desk operation is already lean, it is challenging to develop a TRUE ROI for IDM investment.

IDM solution provides holistic solution for compliance and security requirements. Even when there is no TRUE ROI for IDM investment, still it is worth considering IDM for  its elegant user provisioning, user de-provisioning, user management, access management, password management, work flow, single sign on solutions.

The open source products OpenSSO, OpenDS (directory server) supported by SUN provides most cost ( total cost of ownership) effective solution among the solution landscape. Identity managers supported by SUN, which eventually will become an open source product provides all connectors to integrate various directory services and build work flow for custom provisioning and de-provisioning.

Message: If there is no TRUE ROI for IDM, consider OpenSSO/DS/Identity Manager solution before dropping IDM from your technology road map.

Note: This page is used for google’s page rank emprical analysis. The links will be created based on the random graph created.  This is node #4 which has the key word:  xysivabodzinyx , xysivabodzinxy . As per the graph, it links to page 3, page 5

IDentity Managment Strategy

Before we seek Identify Management solution for an organization, the organization must define its business strategy in context to IDM. There are organization which requires to have multiple credential to login to multiple system in the landscape. Most of the federal government organization believes that the system landscape is much more secure when each system in the landscape has its own authentication scheme. To amplify that point, each user of the system in the landscape will have 5-6 credentials. One login credential for desktop, one for email, one for using internet, one for using the systems, one for using HR systems and etc. The idea behind this is, if a system security is compromised then it will not impact other system. At the same time, each users are asked to remember 5-6 user name and password. Users tend to forget the user name/password and require more help desk personnel which increases over all support cost.

On the other hand, when organization require to provide ease of use for its systems in landscape, it moves towards single sign on (SSO) and security architecture principle is one user, one identification. The risk with this approach is, if a system is compromised, the entire systems in the landscape will be compromised.

For each scenario, there is entirely a different identity management solution. IDM includes

  • User provisioning
  • User management
    • Role Management
    • Audit Control
  • Access Management
    • Authentication
    • Authorization
  • Directory services
  • Work flow
  • Federation
  • User de-provisioning

The components of IDM aligns to the process steps I laid out for IDM few months ago.

Identity Management solution can be simplified when the existing and must have directory service is extended to use for other areas. That is, when an organization uses active directory services as a authentication scheme for a desktop/laptop/pc and there is no plan to change it, the recommendation is to study how the active directory service can be made available for other areas like authentication of web application, email and etc.

Take aways:

  1. Must define the identify management direction based on business strategy (in the context of IDM)
  2. Leverage existing and must have directory service
  3. Select a product (for instance Sun Identity Management) which integrates with directory service, user management, and open standards for work flow , provisioning and de-provisioning
  4. Based on IDM direction, synchronize  the credentials (like email, desktop login, unix server login, mainframe login, HR system login, benefits system login)
  5. Manage user entry and exit process in a cohesive manner and automate the creation and deletion of credentials in all areas.

Note: This page is used for google’s page rank emprical analysis. The links will be created based on the random graph created.  This is node #5 which has the key word:  xysivabodzinyx , xysivabodzinxy

Google’s Nexus One

The next generation computation devices are lurking around in TED as sixth sense devices and labs are experimenting contact lens devices to present the most relevant information in real-time with out manually seeking. The devices will search for relevancy and the present the information to the user. It is very similar to Terminator movie (please watch video carefully at 2.13)  where the aliens receive the most relevant information for the given circumstance. The future devices will make the information readily available based on our circumstance, situation, and mood.  Well, it is not science fiction any more and it will soon become a  reality.

For those future devices, which are currently in experimental labs, the key component is an information gateway. Information gateway will seek  relevant information for each user based on location, mood, and circumstance.  The information gateway are nothing but the next generation smart phones. These information gateway will replace personal usage of PCs and laptops.

Google strategy team stuck a good balance to compete in the current market with Apple iPhone, RIM’s blackberry and laid basic foundation for information gateway market.  Google launched Nexus one as their phone product today to consumer using Android operating system. Nexus one provides easy integration for all social networking tools and techniques. There are more detail comparison done between Nexus one and iPhone and this article focus is to study Google’s strategy and it’s alignment for future technology evolution.

Google’s strategy to provide options to consumer to select the service providers  invites more customer base. However, I’m not excited about its  pricing strategy. The device cost around $520 per unit. The pricing strategy will not let current iPhone users to migrate to Nexus one and also blackberry users will not quickly migrate to Nexus one since it does not focus more on running business application (like VIN locator, inventory management and etc).

Nexus one is an another great thing for Google but the unit price needs to come down..

2010 Hot Tech Jobs

“Everyone knows someone who loves Honda” commercial in context with Honda Facebook is a prime example how social network channels have changed today’s business.  If any IT executives still thinks that social networking platform is for kids and teenagers, wake up! You have already missed lots of opportunity, try to speed up and catch on.

Social network is integral in today’s sales and marketing for almost all products and services.  Customization of a product or service based on each individual requirement is not a new concept and it has been discussed and implemented in isolation. The challenge faced before was to approximate each individual’s requirements and social network is an approach to approximate individual’s requirement. Once the requirements are understood, social networks are again used to influence individual customers to buy the given product or service. There are quite a few books written to leverage social network to promote and market products and services. To summarize, in today’s challenging market, it is obvious and evident that social network plays major role in selling product and services to consumers and some cases, even to big corporations.

Given this context, current economical circumstances, growth potential, emergence of cloud computing, compliance conformance requirements,

The following IT jobs will have high market demand in 2010..

1. Enterprise Architect – (Thorough understanding of business process management, business strategy, IT strategy, portfolio management, social networking tools ,techniques and its business application and etc)
2. Security Officer/Analyst (Audit, compliance,policy management, Threats from social networking, Identify Management Strategy,proactive incident avoidance – data loss prevention)
3. Network Engineer – (SAN/IPS/BGP/SONET/DNS/Firewall/Load Balancer/NetCache devices/SSL Accelerator/SMTP/SNMP/High availability/Disaster recovery/..)
4. Cloud Architect ( Cloud operating system – like VMVare, Business cloud)
5. Application Architect – (open source technologies,blog – wordpress, blogspot, facebook, youtube, SaaS, twitter, GoogleWave, web services, Rich Internet application – AJAX/Adobe Flex/Microsoft Silverlight)
6. Information Architect (Data Mining, Dataware house, Reporting, business intelligence, text minig, search optimization)
7. ERP specialist (SAP, PeopleSoft, JD Edward, Oracle financial, Banking – Fidelity, FiServ, Shaw, Phoenix, Hartland, and etc) 
8. Vendor/Contract Management ( ITIL)
9. Program/Project Management (PMBOK, PRINCE frameworks)
10.Smart Phone Application Architecture & Design – (iPhone, BlackBerry, etc)