Offering regional and national programs, CIO (and CSO) events bring together some of the most respected names and thought leaders in information technology and security. Presented by CIOs and other senior level executives, these invitation-only programs offer timely topics and strong networking. Learn More »
Public Council Teleconference: Application Rationalization — Hidden Costs and Smart Decisions
November 17 at 11:00 am US/Eastern (GMT-5)
Join Honorio Padrón, of The Hackett Group, who will share the drivers for companies to tackle application rationalization and the results of research that define the hidden cost of complexity. Additionally, we will discuss key decision milestones—to start or not, holding the course steady and fulfilling expectations.
Virtual Desktop Cost-Benefit Analysis — Michael Jacobs, Catlin Group
The analysis contained in this presentation measures the cost of everything from the machines and licenses to the infrastructure for virtual vs. traditional desktop environments.
Honor your best senior team members - Apply for the CIO Ones to Watch Award
Get well-earned public recognition for your top up-and-coming team members, your IT organization and your enterprise. Award winners will be announced, publicized and feted in May 2010, great timing to help attract new IT recruits to your company.
Learn more about the CIO Executive Council »May 02, 2007 — CIO —
![]()
Identity management is a term that refers broadly to the administration of individual identities within a system, such as a company, a network or even a country. In enterprise IT, identity management is about establishing and managing the roles and access privileges of individual network users. ID management systems provide IT managers with tools and technologies for controlling user access to critical information within an organization.
The core objective of an ID management system in a corporate setting is this: one identity per individual. But once that digital ID has been established, it has to be maintained, modified and monitored throughout what has been called the "access lifecycle." So ID management systems provide administrators with the tools and technologies to change a user's role, to track user activities and to enforce policies on an ongoing basis. These systems are designed to provide a means of administering user access across an entire enterprise and to ensure compliance with corporate policies and government regulations.
The list of technologies that fall under this category includes password-management tools, provisioning software, security-policy enforcement applications, reporting and monitoring apps, and identity repositories. Nowadays, these technologies tend to be grouped into software suites with assortments of additional capabilities, from enterprise-wide credential administration to automated smart-card and digital-certificates management.
The ID management buzz phrase of the moment is "identity lifecycle management." The concept encompasses the processes and technologies required for provisioning, de-provisioning, managing and synchronizing digital IDs, as well as features that support compliance with government regulations. Technologies that fall under the ID lifecycle-management rubric include tools for security principal creation, attribute management, identity synchronization, aggregation and deletion.
ID management is inextricably linked to the security and productivity of any organization involved in electronic commerce. Companies are using ID management systems not only to protect their digital assets, but also to enhance business productivity. The systems' central management capabilities can reduce the complexity and cost of an essential process. The centralized access control also supports consistent security policy enforcement.
ID management systems also give organizations a way to control the swarm of untethered endpointslaptops, PDAs and cell phonesbuzzing around the enterprise. Many of these devices are neither owned nor provisioned by the companies whose networks they need to access. The ability to enforce a set of policies on the devices that connect with the network through the management of the identities of the users of those devices is fast becoming a must-have security capability.
And besides, the government says you have to care about identity management. In 2005, ID heists at ChoicePoint, Bank of America and LexusNexis lit a veritable bonfire under U.S. congressional behinds, and lawmakers began making moves to put the onus for safeguarding customer info squarely on the shoulders of the enterprise. Sarbanes-Oxley, Gramm-Leach-Bliley, HIPAAeach holds the company, in various ways, responsible for controlling access to customer and employee information.
Implementing identity management systems and associated best practices in your organization can give you a real competitive advantage in a number of ways. Nowadays, most businesses want and need to provide users outside the immediate organization with access to their internal systems. Opening your network's doors to customers, partners, suppliers, contractors and, of course, employees can increase efficiencies and lower costs. ID management systems can allow a company to extend access to its information systems without compromising security. Controlled identity and access management actually has the potential to provide greater access to outsiders, which can drive productivity, satisfaction and, ultimately, revenue.
One of the biggest cost savings touted by vendors and analysts alike comes from what might seem at first a trivial consideration: automation of password resets. Yet, depending on whose numbers you believe, somewhere around half of all help-desk calls are for password resets. ID management systems allow administrators to automate these and other time-consuming and costly tasks.
An ID management system can become a cornerstone of a secure network, because managing user identity is an essential piece of the access-control picture. An ID management system all but requires companies to define their access policies, specifically outlining who has access to what. That's a fundamental part of what a digital ID is. Consequently, well-managed IDs mean more control of user access, which translates into a reduced risk of internal and external attacks.
An ID management system can also improve regulatory compliance by providing an organization with the tools to implement comprehensive security, audit and access policies. Many systems now provide features designed to ensure that an organization is in compliance.