Search This Blog

Monday, August 15, 2005

Do tech people get single sign-on?

NETWORK WORLD NEWSLETTER: DAVE KEARNS ON IDENTITY MANAGEMENT
08/15/05
Today's focus: Do tech people get single sign-on?

Dear security.world@gmail.com,

In this issue:

* Are we familiar with SSO?
* Links related to Identity Management
* Featured reader resource
_______________________________________________________________
This newsletter is sponsored by HP

Is password management, user management, implementing single
sign-on or sustaining compliance without going broke causing you
to lose sleep? Manage identities and passwords, mitigate audit
risk, establish a strong privacy compliance management system
and centrally track transactions with HP's identity management
solution. Learn how -- download a whitepaper now.
http://www.fattail.com/redir/redirect.asp?CID=110152
_______________________________________________________________
VOIP SECURITY THREATS: FACT OR FICTION?

Although it's difficult to find a company that has suffered at
the hands of VoIP abusers, viruses, spam and phishing have run
rampant on other IP-based communications systems. Will similar
threats find their way to VoIP? Find out what the experts say
and how should prepare your network against such potential
abuses. Click here:
http://www.fattail.com/redir/redirect.asp?CID=110053
_______________________________________________________________

Today's focus: Do tech people get single sign-on?

By Dave Kearns

Before we get into this edition of the newsletter there's an
important piece of housekeeping to take care of.

[correction] Last week, due to an inadvertent editing
transposition we appeared to be saying that Felix Gaehtgens and
Sampo Kellomäki were officers of MaXware. Well, not only
"appeared" but we actually said it! Actually the two are,
respectively, sales and marketing vice president and chief
architect for Symlabs. Sorry guys, drinks are on me at the next
Catalyst Conference. As Felix put it in his note to me: "Well,
I certainly am not going to trade the beautiful Portuguese
weather for cold and dark Nordic winters any time soon - even
though I have once been fishing in the Norwegian fjords in a
Summer about 10 years ago, and it was rather cool, but
stunningly beautiful, and the sun never went down!" So I guess
we can't consider this a prediction, either![/correction]

If, like me, you've been working on the "identity thing" for
many, many years there's a tendency to think that all the hard
work is behind us. People, at least IT people, understand what
identity is and why things like federation and single sign-on
(SSO) are important. But do they really grasp what it's all
about? My attention was recently drawn to a posting from, I
believe, an open source forum (probably one about OpenSSO
<https://opensso.dev.java.net/> - but I haven't been able to
track down the source completely. The poster writes:

"We are looking to move to a SSO solution, but were wondering
what everyone else is doing? [W]e have 5K + employees that all
need access to various platforms (Sun Solaris, VMS, AIX, SCO,
HP-UX, Windows, Citrix, AD, Web, etc). Is there some sort of app
or some such thing that will do a cross-reference of userid's?
Or do we even need to worry about that (the 8-character
limitation on the Unix boxes) if we implement LDAP or AD?"

Read that again, "Is there some sort of app or some such thing
that will do a cross-reference of userid's? Or do we even need
to worry about that if we implement LDAP?" We spend our time
fine-graining the differences between Enterprise SSO and Web
SSO. We worry about the trade-offs between synchronized
passwords vs. "secret store" vaults to hold all the passwords.
But the person within the organization who should be in tune
with the technology the most isn't sure if simply adopting an
LDAP "implementation" will also give him SSO. It's not only the
CxOs who need to be educated. If we overlook continuing to
educate the IT community we do so at our own risk.

The top 5: Today's most-read stories

1. Cisco to double Catalyst 6500 switch capacity in coming
months, report says
<http://www.networkworld.com/nldsv5032>

2. Ex WorldCom CFO Sullivan gets 5 years in jail
<http://www.networkworld.com/nldsv4988>

3. Microsoft open source exec: Not the loneliest guy in Redmond
<http://www.networkworld.com/nldsv4826>

4. Cisco mulls acquiring Nokia, report says
<http://www.networkworld.com/nldsv5033>

5. IT staff shortage looming
<http://www.networkworld.com/nldsv5034>
_______________________________________________________________
To contact: Dave Kearns

Dave Kearns is a writer and consultant in Silicon Valley. He's
written a number of books including the (sadly) now out of print
"Peter Norton's Complete Guide to Networks." His musings can be
found at Virtual Quill <http://www.vquill.com/>.

Kearns is the author of three Network World Newsletters: Windows
Networking Tips, Novell NetWare Tips, and Identity Management.
Comments about these newsletters should be sent to him at these

respective addresses: <mailto:windows@vquill.com>,
<mailto:netware@vquill.com>, <mailto:identity@vquill.com>.

Kearns provides content services to network vendors: books,
manuals, white papers, lectures and seminars, marketing,
technical marketing and support documents. Virtual Quill
provides "words to sell by..." Find out more by e-mail at
<mailto:info@vquill.com>
_______________________________________________________________
This newsletter is sponsored by HP

Is password management, user management, implementing single
sign-on or sustaining compliance without going broke causing you
to lose sleep? Manage identities and passwords, mitigate audit
risk, establish a strong privacy compliance management system
and centrally track transactions with HP's identity management
solution. Learn how -- download a whitepaper now.
http://www.fattail.com/redir/redirect.asp?CID=110155
_______________________________________________________________
ARCHIVE LINKS

Archive of the Identity Management newsletter:
http://www.networkworld.com/newsletters/dir/index.html
_______________________________________________________________
FEATURED READER RESOURCE
HARD WORK, GOOD PAY

According to Network World's 2005 Salary Survey, network
professionals are enjoying substantial increases in pay,
especially at the highest- and lowest-tier job titles. But are
those increases coming with higher titles, more work or both?
Find out if compensation alone is keeping network professionals
happy in their careers - or is something else? Click here:
<http://www.networkworld.com/you/2005/072505-salary-survey.html>
_______________________________________________________________
May We Send You a Free Print Subscription?
You've got the technology snapshot of your choice delivered
at your fingertips each day. Now, extend your knowledge by
receiving 51 FREE issues to our print publication. Apply
today at http://www.subscribenw.com/nl2

International subscribers click here:
http://nww1.com/go/circ_promo.html
_______________________________________________________________
SUBSCRIPTION SERVICES

To subscribe or unsubscribe to any Network World e-mail
newsletters, go to:
<http://www.nwwsubscribe.com/Changes.aspx>

To change your e-mail address, go to:
<http://www.nwwsubscribe.com/ChangeMail.aspx>

Subscription questions? Contact Customer Service by replying to
this message.

This message was sent to: security.world@gmail.com
Please use this address when modifying your subscription.
_______________________________________________________________

Have editorial comments? Write Jeff Caruso, Newsletter Editor,
at: <mailto:jcaruso@nww.com>

Inquiries to: NL Customer Service, Network World, Inc., 118
Turnpike Road, Southborough, MA 01772

For advertising information, write Kevin Normandeau, V.P. of
Online Development, at: <mailto:sponsorships@nwfusion.com>

Copyright Network World, Inc., 2005

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)