Tech Library is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


Informed CIO: Identity Management

Jun 01, 2009

Identity Management: 10 Questions to Ask

In today’s global business operating environments, where organizational and geographical boundaries are crossed hundreds of times a day to get the job done, there’s a critical need for standardized identity management. CIOs should keep an eye on government and private-sector federation initiatives—including the GSA’s E-Authentication program, the Liberty Alliance Identity Assurance Framework (LIAF) and the Transglobal Secure Collaboration Program (TSCP)—that will eventually have a direct impact on enterprise networks and business operations, especially within companies looking to do business with government entities. The TSCP specifically focuses on government strategic roadmaps to ensure consistent aerospace and defense contractor interpretation of requirements, implementation timelines, compliance targets and other factors.

On the tools side, hundreds of companies want your IdM business. On one end of the spectrum are large vendors like CA and IBM that offer multiple modules to cover many IdM needs. Buying best-of-breed products from smaller players and relying on internal staff and consultants to make everything work together is another method that may gain more adherents as the abovementioned standards progress. Comprehensive IdM is major undertaking, but companies can start small, perhaps with a technology popular with end users—single sign-on comes to mind-—to get business buy-in. Meanwhile, do a risk assessment and start cleaning up directories and laying the groundwork to integrate the elements of IdM: Authentication, authorization and access control, user provisioning/deprovisioning, role mapping, and auditing and reporting. Prioritize projects based on risks that can be addressed quickly and provide a visible benefit to the business. Here are some questions to consider. (C080509)

Research Report