The 2 ROIs of IAM

Posted on by Steve Tout in Architecture Guidance,Management

Last week I unveiled Identity Coherence in my webinar on the same subject(sponsored by CSA) and started by talking about the impact that IAM has on customer experience, federation and risk management. I concluded with a discussion on the 2 ROIs of IAM: Return On Investment and Risk Of Ignoring. If you step away from any IAM implementation and defocus the technology, what you see is a constellation of factors that either propel your efforts forward within your organization or stop you dead in your tracks. Naturally, this vantage point delivers insights into the upfront work needed to modernize IAM, including strategy, architecture, operations and innovation. But from experience, looking at IAM through the lens of program management, GRC, customer experience and even company culture all of which are critical to ensure ongoing success of an effective IAM program. This mental model is what I refer to as Identity Coherence. Identity Coherence provides the conceptual framework …

From Gustav Mahler to Identity & Access Governance

Posted on by Steve Tout in Architecture Guidance

I love classical music and I love a Gustav Mahler symphony even more. Symphonies, to the uninitiated ear, can sound a lot more like noise than music. To the music lover, a symphony is an expression of art in the highest form, a source a great pleasure and beauty to behold. One of my favorite composers of all time, Gustav Mahler, has been a source of inspiration to me since I was introduced to his work (and in particular his 5th symphony) by the Pastorinos of Glenn, CA (Ellen is the former music teacher at Willows High School) in 1994 and that has fueled an interest in all kinds of classical and symphonic music. Ever since, it has been a rich source of inspiration with interesting parallels to the career I landed in a few years later. Broken off into groups of players such as horns, winds, basses, trombones, cellos, …

Doesn’t Anybody Use IdM Standards Anymore?

Posted on by Steve Tout in Architecture Guidance,Current Events

When I am not at work thinking about solving tough issues in Cloud & Enterprise Identity & Access management, I have music on my brain. Music has a way of calming frayed nerves…yet it also has a way of inspiring moments of pure genius. This is one of those times for me. Or maybe not – you be the judge. Doesn’t anybody stay together anymore I wonder why, doesn’t anybody stay together anymore Oh I wonder why, doesn’t anybody stay together anymore – Phil Collins Doesn’t Anybody Stay Together Anymore The past two months I have been working with security gateways for integrating disparate systems via a token exchange service. These devices can go by many different names. Access Bridge. STS. Concierge service….(Shout out to Peter Davis/Neustar and Chuck Mortimore/SFDC for this one during a brainstorming session I convened at IIW here.) or however you want to call it. Try …

Dismantling Your Legacy Identity Management

Posted on by Steve Tout in Architecture Guidance,Current Events

The stars are not wanted now: put out every one; Pack up the moon and dismantle the sun; Pour away the ocean and sweep up the wood. For nothing now can ever come to any good. – W. H. Auden If you have ever (or currently do) feel that way about your Oracle or legacy IdM solution, you are not alone. The billion dollar Identity Management industry is being turned upside down by the tidal waves of distributed, claims based identity. Identity management vendors (one of which owned by VMware itself) sprung up to service the SaaS apps and the customers who require a scalable and secure way to access their applications and data in the cloud. Cost savings realized by moving corporate applications and compute to SaaS and PaaS outside of the firewall has been a strong driver for cloud based access management and SSO, but given a few …

Virtualization, Clouds and The Future of IAM

Posted on by Steve Tout in Architecture Guidance,Current Events

As an old hand at Oracle IdM (going on 10 years now) it is a bit hard for me to digest, but my instinct tells me that survival means adapting to the seas of change rather than trying to run from them. There is a bright future and a lot of pent up demand in cloud services, where new models will soon overshadow the shortcomings of client/server and internet architectures. The old school IAM stacks are not going away anytime soon, but the IdM professional will need to learn new models and standards to keep pace with where this industry might be heading.