The emergence of identity access management governance

Security: Identity Management This newsletter is sponsored by Blue Coat Get the latest on Web Acceleration Tools Discover how to significantly improve document delivery times for users that are physically away from your centralized data center. A document that takes 80 minutes to delivery to a user across the globe could be delivered in three minutes with Web acceleration. Learn how your IT organization can benefit from this technology. Listen to this Webcast now. Network World's Security: Identity Management Newsletter, 10/03/07 The emergence of identity access management governance By Dave Kearns I’ve been known to lump together Aveksa, SailPoint and Securent under the banners of “entitlements” or “governance” but all three, it seems, are adamant that – far from being competitors – they are actually complementary. I had the opportunity to speak to the three at last week’s Digital ID World conference. I’ve known (and written about) SailPoint CEO Mark McClain and President Kevin Cunningham since their days with Waveset and later, with Sun. Securent Marketing Director Howard Ting has been a frequent name in this space through his stints at RSA, Identity Engines and Microsoft. Aveksa CEO Deepak Taneja has also been in the space (and in my interviews) since his days with Netegrity. These are all nice, trustworthy people, and when they tell me they aren’t competitors I believe them. That’s not to say that all of them agree on how best to tackle your identity management problems; each does believe that you need to start with his products and services – while admitting that there may be one or more things you’ll need to add to the mix. Still, it can be somewhat confusing to tell them apart - especially when I’ve been lumpin’ them together! Straight Talk from Security Experts Leading security experts share their advice, secrets and real-world experiences in Network World's latest Executive Guide, "The Security Treadmill." Learn how to get inside users' heads, fight for a bigger security budget and much more. Click here to download this Executive Guide. McClain tried to explain it to me: “We see ourselves as part of the emerging ‘IAM governance’ space (Gartner’s term), which includes both identity audit (Aveksa) and role management (Vaau). So we see ourselves as complementary to entitlement management players like Securent. Interestingly, Burton takes a slightly different view, adding entitlement management to identity audit and role management to create a broader category of complementary technologies called privilege and policy management. Either way, I’m pretty sure most of us in the IAM governance arena see the entitlement management players as complementary to the audit/role vendors - in fact, just another set of entitlements for us to certify/audit.” Personally, I like Burton’s idea of “privilege and policy management,” especially as it’s based on roles as a central piece. Most of these players agree that roles and role management, if not exactly necessary for their niche, is at least a desirable service to have. There’s still a whole lot more to come from last week’s Digital ID World, including my introduction the guy that the Burton Group’s Gerry Goebel calls “The Father of Federation.” But that’s a story for next time.   What do you think? Post a comment on this newsletter

MOST-READ STORIES OF SEPTEMBER: 1. Verizon smokes out another family 2. Does 802.11n spell the 'end of Ethernet'? 3. DEMOfall07 consumer tech 4. One less reason to adopt IPv6? 5. How Gateway's tech support tortured an editor 6. 10 management software companies to watch 7. 2007 Salary survey: IT pay falls short 8. Sopranos technology quiz 9. Meet the 'other' Ciscos 10. Wireless network companies to watch MOST-READ REVIEW IN SEPTEMBER: IBM Lotus Sametime top corporate IM platform

Contact the author: Dave Kearns is the editor of IdM, the Journal of Identity Management as well as a consultant to both vendors and users of IdM technologies. He's written a number of books including the (sadly) now out of print "Complete Guide to eDirectory." His other musings can be found at the Virtual Quill, an Internet publisher which provides content services to network vendors: books, manuals, white papers, lectures and seminars, marketing, technical marketing and support documents. Virtual Quill provides "words to sell by..." Find out more by e-mail. Comments to this newsletter can be e-mailed to Dave here.  This newsletter is sponsored by Blue Coat Get the latest on Web Acceleration Tools Discover how to significantly improve document delivery times for users that are physically away from your centralized data center. A document that takes 80 minutes to delivery to a user across the globe could be delivered in three minutes with Web acceleration. Learn how your IT organization can benefit from this technology. Listen to this Webcast now. ARCHIVE Archive of the Security: Identity Management Newsletter. BONUS FEATURE IT PRODUCT RESEARCH AT YOUR FINGERTIPS Get detailed information on thousands of products, conduct side-by-side comparisons and read product test and review results with Network World’s IT Buyer’s Guides. Find the best solution faster than ever with over 100 distinct categories across the security, storage, management, wireless, infrastructure and convergence markets. Click here for details. PRINT SUBSCRIPTIONS AVAILABLE You've got the technology snapshot of your choice delivered to your inbox each day. Extend your knowledge with a print subscription to the Network World newsweekly, Apply here today. International subscribers, click here. SUBSCRIPTION SERVICES To subscribe or unsubscribe to any Network World newsletter, change your e-mail address or contact us, click here. This message was sent to: security.world@gmail.com. Please use this address when modifying your subscription. Advertising information: Write to Associate Publisher Online Susan Cardoza Network World, Inc., 118 Turnpike Road, Southborough, MA 01772 Copyright Network World, Inc., 2007