For your convenience, the two presentations used were Microsoft Identity and Access Solutions and IAM_Overview – Cape Town
In our recently held event, ITPro Africa invited the representatives from a couple of vendors with IDM (Identity Management) Solutions to come and give us their view about what IDM is all about, as well some field some questions from the ITPro Africa community.
First up we had Patrick Hunter from Quest Software who came in all the way from a snowed-under United Kingdom. Patrick currently performs the pre-sales consultancy role for the Quest One IDM product.
Patrick identified the three challenges that Quest focuses on:
- Security – internal and external threats; too much access; access to privileged accounts.
- Complexity – too many different user stores; managing access rights is resource intensive.
- Compliance – large number of rules and regulations; review of audit logs is often too little too late.
Of course all organisations, irrespective of its size, have some processes or business rules that address most of these. In fact, Patrick goes on to say that everything that happens in between the initial access request to a resource until that access is provisioned should appear as a little black box to the user and even the IT staff to a certain extent.
Patrick then explains how the little black box should handle the complexities of the IDM request and also briefly demonstrated how Quest One addresses these challenges. Being a firm supporter of the keep-it-simple rule and by removing the complexity from the solution, the little box becomes a whole lot simpler and cheaper to manage.
Next up we had Microsoft’s Jesus Martin who travelled from the UAE to present at this ITPA event. Jesus has been working at Microsoft for just over a year and focuses on Microsoft solution to the IDM market – Forefront Identity Manager (FIM)
Microsoft is definitely trying to promote forward thinking in terms of IDM and firmly believes that concepts like Self Service, IT WebShops and End-User Empowerment (amongst other things) is what IDM should about.
Microsoft extends on Quest’s black box idea by going as far as saying that Zero Touch provisioning of identities, permissions and applications is not impossible and that this should even be extend to cloud based services. Imagine that! This means that the new user form and the “HOWTO: Create a new user” run-book will no longer be needed. The business manager won’t even need to contact IT!
As you can see, Microsoft seems to focusing more on the business and its processes, which in itself isn’t such as bad as an idea as it may seem. Remember from one of my earlier posts how much of IT is now business driven and by starting the IDM process from a business perspective and looking to see how existing IT processes fit into this IDM strategy. Not a bad idea from a company that’s fairly new to the IDM business.
During our final round table discussion session of the day we opened the floor to the audience to allow for some questions and this where our guests really showed their free lunch money’s worth. With questions ranging from general IDM best practises all the way to specific product queries and comparisons, our guests were quite open to explain their personal takes on the subject matter as well as indicate how their products fare in the market and where its strengths and weaknesses lie.
All in all another great and very informative session and of course another BIG THANKS to our guest speakers, our sponsors Quest Software, Microsoft and Blue Turtle Technologies and to everyone who attended this very interesting discussion.