Offering regional and national programs, CIO (and CSO) events bring together some of the most respected names and thought leaders in information technology and security. Presented by CIOs and other senior level executives, these invitation-only programs offer timely topics and strong networking. Learn More »
Social Responsibility's Strategic Benefits
December 15, 11:30 AM - 12:30 PM US/Eastern (GMT-5)
Join Ed Granger-Happ, CIO of Save the Children, for a discussion of how creating an organization that is socially responsible improves staffing, retention, leadership development and overall corporate health.
Working With and Communicating to Your Board of Directors
January 13, 2009, 4:00 PM - 5:00 PM US/Eastern (GMT-5)
CIO panelists who will share tips and experiences working with their boards: Twila Day of SYSCO; Jeff O'Hare, West Corp.; Marc West, formerly with H&R Block.
IT's Role in Growing Mid-Market Companies
January 14, 4:00 PM - 5:00 PM ET (GMT-5)
Mid-market Council members will share their companies' stories and challenges in driving or coping with growth. Panelists represent Veterinary Pet Insurance, Medicis Pharmaceutical, and Intrax Cultural Exchange.
Learn more about the CIO Executive Council »
Apply today for a FREE subscription to CIO Magazine!
Case Study: Identity Management
How do you launch a multimillion-dollar identity-management effort at a company that has 129,000 employees in seven business sectors, spread ...
December 01, 2005 — CIO —
How do you launch a multimillion-dollar identity-management effort at a company that has 129,000 employees in seven business sectors, spread across 50 states and 25 countries? For defense contractor Northrop Grumman, the answer is simple: one well-planned step at a time. “We think it’s better to take a somewhat measured pace and minimize the risk of disruption, rather than go for a big bang,” says Keith Glennan, VP and CTO.
About a year and a half ago, Northrop Grumman began looking into identity-management systems to improve security, facilitate regulatory compliance, make it easier for users to log on to multiple systems (without using multiple passwords), and reduce the cost of provisioning and password-management burden on IT. Glennan’s team ran a pilot with a few hundred users across the company in early 2004. In addition to automated provisioning, the pilot also used smart cards and linked user network log-ins to application log-ins.
The pilot was successful on two fronts: It showed how identity management could make life easier for users and for IT, and it highlighted identity-related policy issues that needed to be ironed-out before such a system could be implemented companywide.
“Policy is at least as big a challenge as the technology, because you have to make a lot of decisions about what rules you’re trying to enforce,” Glennan says. “It gets into cross-functional jurisdictional issues in terms of who can create identity, what is the authoritative source of identity within the company, and how you deal with outside people who need access to your systems.”
When the pilot was completed, a steering committee that included representatives from HR, IT and security debated policy issues. They decided to make the HR system the authoritative source of identity so that it would drive the identity-management process, including e-mail provisioning. “Effective identity management requires the elimination of multiple points of identity creation,” Glennan says.
The team also decided that Northrop Grumman’s procurement organization will create identities for suppliers and business partners that need access to the company’s systems. (In the future, Northrop Grumman plans to move to a federated identity-management architecture to ease the process of working with suppliers and business partners not on its network.
Glennan plans to re-architect directory services and to roll out an automated provisioning capability, which will take about 18 months. Once the infrastructure is in place, he says, his team will work its way through Northrop Grumman’s entire application portfolio, prioritizing which apps should be linked to the identity-management system for user provisioning and sign-on. Apps with the largest number of users will be enabled first, and those with only a few users may never be enabled.
The Case for A Specialized Security Platform
The CIO's Guide to Mobile Security: Executive Overview and Checklist
Security Features of the BlackBerry Solution
The Intelligent Enterprise
Protecting the Code: Technology Escrows Safeguards Critical Software
Optimizing Infrastructure Control
Paving the Way for Trusted Collaboration
Enabling the Global Enterprise
Get a grip on your mobile workforce Webcast
Optimizing Wide-Area Data Services Webcast
The CIO's Guide To Harnessing Enterprise 2.0
Why CIOs should embrace Web 2.0
Resource Alerts
Get instant email notifications by topic when white papers, webcasts, and case studies are added to our library.
Sony rolls out Atom-powered mini-laptop
Cisco gets social with Entertainment OS
OQO launches handheld PC with OLED touch screen
Hack Forces Twitter Into 'Full Security Review'
Clearwire woes hit big backers
Myspace comes to TV with Intel, Yahoo
New SD standard will allow for 2TB cards
Social networks link terrorists
Social networking, ROI, pricing among '09 CRM trends
Cutting costs, Microsoft backs away from office space
Just the basics, please. Sometimes we all need a refresher or we need to make sure our team and our colleagues are all on the same page.
Over 25 tutorials on everything from business intelligence to virtualization.
- CIO|
- Computerworld|
- CSO|
- DEMO|
- Game Pro|
- Games.net|
- IDG|
- IDG UK|
- IDG Connect|
- IDG Tech Network |
- IDG World Expo|
- Industry Standard|
- InfoWorld|
- ITworld|
- JavaWorld|
- LinuxWorld|
- MacUser|
- Macworld|
- Network World|
- PC World|
- Playlist|
- CIO UK|
- CIO Germany|
- CIO China|
- CIO Sweden|
- CIO Australia|
- Other CIO Sites
