Major IAM Vendors

Vendor selection is critical in the IT business. I still remember an old story from when I joined the Big Blue family last century: a piece of wise advice was spread among IT decision makers globally: “You will never be fired if you buy from IBM”. It had worked for a long while. Then, people got fired. Finally, you cannot buy PCs from IBM…

Introduction to IAM Buyer’s Guide

“Our vision for security is to create a world where there is greater trust — where people and organizations can use a range of devices to be more reliably and securely connected to the information, services and people that matter most to them.” – Bill Gates, Chairman, Microsoft

“As a CIO, I strive to ensure…

RSA 2007 Conference Takeaways

There was not much exciting news at RSA 2007. I think I need to write a few things down here, otherwise I will no longer remember them:
– Information Centric Security: The information is the king. However, the king cannot live in a castle all the time. You, as a security professional, should be a knight to protect the…

Review – ADFS v1 & Preview – ADFS v2

Active Directory Federation Service (ADFS) is a component of Active Directory released as part of Windows Server 2003 R2. ADFS v1 can be used in various B2B/B2E/B2C Web Single Sign On and Identity Federation scenarios.
Pros:
– Enable Federated SSO between organizations
– Enable Extranet SSO within the same corporate environment
– Support either password and client cert/smart…

Review – Microsoft CLM Certificate Lifecycle Manager Beta 2

I reviewed CLM Beta 1 half a year ago and rated it low. Now, CLM Beta 2 is ready for prime time and I’m going to deploy it in a production environment. I’ve seen a lot of improvements in Beta 2, so many cons in Beta 1 are removed. Base CSP Smart Card support is huge for me. For smart card…

IAM in TwC

I attended the 2006 Microsoft EE & TwC Forum recently and tried to find out if there is any relationship between IAM and TwC. It is interesting that TwC (Trustworthy Computing) has Identity and Access Control as a grandchild. At the top level, TwC has four children, referred to as the 4 pillars: 1. Security 2. Privacy 3. Reliability 4. Business Practices…

IAM Strategy

IAM is a combination of processes, technologies, and policies enabled by software to manage digital identities throughout their lifecycle and specify how they are used to access resources. IAM is a superset of AAA (Authentication, Authorization, Auditing)*. Here are some general strategies for enterprises to consider: Obtain executive sponsorship because IAM is an important part of…

How to Reduce TCO of Identity & Access Management

Identity & Access Management is an expensive investment in IT. Here are some tips to reduce Total Cost of Ownership: Follow the rule of economy of scale – If more people use the same solution, the unit cost of the solution will decrease. Therefore, you should always search for and use the most popular off-the-shelf IAM solution in the marketplace first. …

Authentication Strategy

Authentication is the procedure through which a user or a device or a service (or application) provides sufficient credentials to satisfy access requirements to another service, application, or system.
User Authentication Strategy:
· Prepare and plan for Strong User Authentication
· Educate line of business application owners to use standard OS and directory protocol authentication and avoid application custom…

Authorization Strategy

Authorization (or establishment or entitlement) defines a user’s (or process’) rights and permissions to a resource. After a user (or process) is authenticated, authorization determines what that user can do to the resource. Here are some authorization strategies to improve security:
– By default, grant users no rights and permissions
– Grant users least privileged rights and permissions on “need to…
