Make the cost of pilfering your asset higher than its value, plus other identity management news

Identity Management This newsletter is sponsored by Fluke Networks Proven Techniques and Best Practices for Managing Infrastructure Changes When businesses expand facilities, add locations, or upgrade existing infrastructure it's vital to ensure network readiness. This white paper describes a methodology to manage network changes that meet the needs for speed of implementation without sacrificing accuracy. Click here to download this whitepaper now! Network World's Identity Management Newsletter, 08/01/07 Make the cost of pilfering your asset higher than its value, plus other identity management news By Dave Kearns I learned from Trusted Network Technology’s PR guy George Robertson that, “With data costing companies $140 per lost record (Ponemon Institute) and selling well on the black market, business’ data could actually be worth more than its finances – though it typically has far fewer controls.” Interestingly enough, in a conversation I had last week with Securent’s Howard Ting, we discussed the old truism that you should make the cost of pilfering an asset higher than its value while concomitantly keeping the cost of protecting that asset below the cost of replacing it. If each record costs $140 to replace (or, rather, “make whole” including the costs of monitoring people’s credit ratings, etc.), and if an average data breach exposes 10,000 records (probably on the low side) then spending $1 million to protect those assets is actually a very good investment. Think of that the next time the entitlements management salesman gives you a presentation. Red Hat’s Pete Rowley drew my attention to a newish open source project called FreeIPA. IPA stands for Identity, Policy, Audit. According to the Web site: “Because of its vital importance and the way it is interrelated, we think identity, policy, and audit information should be open, interoperable, and manageable. Our focus is on making identity, policy, and audit easy to centrally manage for the Linux and Unix worlds. Of course, we will need to interoperate well with Windows and much more.” The goal of the first release, due in the fall, is to combine all in one package the following: Network World Security Buyer's Guide Find the right security products for your enterprise - fast. From anti-spam to wireless LAN security, our Buyer's Guides have detailed information on hundreds of products in more than 20 categories. With the side-by-side comparison tool you can evaluate product features to make the best decision for your enterprise. Click here to go to the Security Buyer's Guide now. * Linux distributions (Fedora/Red Hat Enterprise Linux/CentOS) * Fedora Directory Server * FreeRADIUS * MIT Kerberos * Samba * Tools for installation * Administrative tools (Web and command-line) Contributions of time and effort are welcome. Finally, another project I’ve just become aware of, even as it moves into phase 2, is DAIDALOS - Designing Advanced network Interfaces for the Delivery and Administration of Location independent, Optimised personal Services. It’s an EU Framework Programme 6 Integrated Project designed to facilitate the user experience for mobile telecommunications users. In other words, it hopes to provide personalized, location-dependent services for people with cell phones. Since both personalization (attributes) and location (context) are important to an identity transaction, it’s probably good for identity-based organizations to get involved and not leave the entire definition of the system to the European telcos. Give it a look. Editor's Note: Starting Aug. 13, this newsletter will be renamed "Security: Identity Management" to better reflect the focus of the newsletter. We thank you for reading Network World newsletters!   What do you think? Post a comment on this newsletter

TODAY'S MOST-READ STORIES: 1. NAC alternatives hit the mark 2. Online gamers’ dirty little secrets exposed 3. The Simpsons Movie sparks spam blast 4. Cisco muffles Linksys death knell 5. IBM tells employees to behave in Second Life 6. Hogwarts IT director quits 7. E-mail etiquette question: Thanks or no thanks? 8. Tool tests for phishing-attack gullibility 9. Top 15 'networkiest' moments of The Simpsons 10. Industry giants get 'Simpsonized' MOST E-MAILED STORY: Hogwarts IT director quits

Contact the author: Dave Kearns is a writer and consultant in Silicon Valley. He's written a number of books including the (sadly) now out of print "Peter Norton's Complete Guide to Networks." His musings can be found at Virtual Quill. Kearns is the author of two Network World Newsletters: Windows Networking Strategies, and Identity Management. Comments about these newsletters should be sent to him at these respective addresses: windows@vquill.com, identity@vquill.com . Kearns provides content services to network vendors: books, manuals, white papers, lectures and seminars, marketing, technical marketing and support documents. Virtual Quill provides "words to sell by..." Find out more by e-mail. This newsletter is sponsored by Fluke Networks Proven Techniques and Best Practices for Managing Infrastructure Changes When businesses expand facilities, add locations, or upgrade existing infrastructure it's vital to ensure network readiness. This white paper describes a methodology to manage network changes that meet the needs for speed of implementation without sacrificing accuracy. Click here to download this whitepaper now! ARCHIVE Archive of the Identity Management Newsletter. BONUS FEATURE IT PRODUCT RESEARCH AT YOUR FINGERTIPS Get detailed information on thousands of products, conduct side-by-side comparisons and read product test and review results with Network World’s IT Buyer’s Guides. Find the best solution faster than ever with over 100 distinct categories across the security, storage, management, wireless, infrastructure and convergence markets. Click here for details. PRINT SUBSCRIPTIONS AVAILABLE You've got the technology snapshot of your choice delivered to your inbox each day. Extend your knowledge with a print subscription to the Network World newsweekly, Apply here today. International subscribers, click here. SUBSCRIPTION SERVICES To subscribe or unsubscribe to any Network World newsletter, change your e-mail address or contact us, click here. This message was sent to: security.world@gmail.com. Please use this address when modifying your subscription. Advertising information: Write to Associate Publisher Online Susan Cardoza Network World, Inc., 118 Turnpike Road, Southborough, MA 01772 Copyright Network World, Inc., 2007