GM, Boeing Faced Uphill Battle To Reach Global Identity Management
Managers from two multinational companies share their tips on connecting employees, parts suppliers, other business partners, and outsourced software developers.
After several attempts, it's still hard to get distributed identity management systems to work together as one enterprise-wide system, but that remains GM's goal, said James Heaton, global director of identity management at GM.
In the field of identity management, it's called federation, where lots of different, geographically dispersed user-authorization systems are harnessed to work together. Federated identity management frequently leads to single user sign-on to corporate systems, which yields access to all needed applications and databases without repeated logging in.
With 280,000 employees doing business in 200 countries and manufacturing vehicles in 33 countries, however, GM has a larger problem in federating identity management systems than many companies. "A lot of vendor solutions halfway work for GM, but when we try to scale them, they break. We break almost everything we touch the first time we try to use it," Heaton told the crowd of over 400 at the Burton Group's Catalyst Conference in San Francisco on Wednesday.
GM at different times has implemented identity management systems from Novell, Siemens, Oracle's Oblix-based systems, and Sun Microsystems.
In addition, Heaton told attendees at the enterprise-focused event that the problem is growing much bigger than just meeting the needs of GM's employees. There also are 14,000 GM dealers, not to mention hundreds of GM's parts suppliers, other business partners, and outsourced software developers. A federated system is supposed to include all of them, he said.
He won funding from top management, not by technical arguments about federated identity management virtues, but by circulating a slide that showed authorizations of all types of users flowing through a single, corporate system. The users included outside business partners and suppliers.
"That picture reached corporate officers that I couldn't have reached on my own," he explained. Now he's trying to build a system that lives up to his pictogram.
GM has launched a companywide, federated system for its employees that works reasonably well but still needs refinement. For example, in the last 12 months GM deployed a system to reset passwords worldwide, covering passwords created in many languages. Soon afterward, the GM call center showed repeated spikes in calls coming from Portuguese speaking areas of the world, primarily Portugal and Brazil.
The new system asked a personal question of users that would identify them if they called in, having forgotten or lost a password. "I did everything the system told me to until I came to the validation question about my goat. I don't have a goat," the callers complained. Something had been lost in the new system's translation, Heaton noted.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Digital Transformation Myths & TruthsTransformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.