The big IAM

By on
The big IAM
Page 2 of 2  |  Single page

"And federating new services, such as web services, can cut rollout times and increase flexibility hugely."

The broadening scope of federated management systems makes the task of deployment more complex, but also far more rewarding.

Once authenticated identities can be used in a portable fashion across autonomous security domains, administration efficiencies can be driven enormously.

However, crossdomain B2B deployments are even more complex, and strict adherence to standards is critical to success. Whatever the scale of deployment, standards are of vital importance, due to the wide area that identity management covers.

Equally, this scope can also make it difficult to ensure all relevant standards are met in every area of the network.

IAM impacts on areas including directory management, certificate authorities, provisioning, access control, as well as authentication standards for tokens, smartcards and biometrics.

The key standards bodies in the IAM space include the  Liberty Alliance, which works towards  developing standards for federated identity and identity-based web services;

Oasis (Organisation for the Advancement of Structured Information Standards), responsible for the development of SAML (Security Assertion Markup Language), a method of conveying identity and authorisation data, as well as WS-Security (Web Services Security), a  methodology for attaching security data to web services messages;

and XACML (Extensible Access Control Markup Language), a standard for expressing security policies and access rights to information for web services.

There is also the Web Services Interoperability Organisation (WSI), responsible for WS-Security, a security standard for when data is exchanged as part of a web service, and WS-Federation that deals with the federation of trusted identities, their attributes and their authentication.

Additionally, ISO and British standards all play a part, depending on geographical territory, as well as a whole host of  authentication standards.

Emma Harrington, global product manager, Thales, says: "A lot of customers have heard of one or two standards and ask for them, such as SAML, but many have no idea what these standards actually are, or what they do.

"This is a very important area, though, as often technology vendors are keen to lock customers into their own products, which can lead to integration difficulties down the line. The key to a successful IAM implementation is to be flexible.

"A project of this size is a great time to take a step back and assess business priorities, risk vectors and take an overview." Steve Brunswick, strategy manager, Thales, agrees: "Be sure to consider which standards are most relevant for your business, and discuss these with your chosen vendor. It's also wise to ask them about their intended roadmap; not all vendors will fully support the huge variety of standards in this area."

Jim Hietala, VP security, the Open Group, believes broader vendor adoption is required: "The standards are out there, but their adoption so far is fragmented, and it is also inconsistent.

"Organisations are trying to deal with this situation, but it's complex. The reality for companies tends to be implementing a solution for business reasons, such as a SaaS product like Salesforce, then looking at IAM later."

Other advantages of a standardsbased approach to IAM include increased visibility throughout the organisation, and the inbuilt presence of forensic tools.

In the event of a data breach or leak, it's important to be able to spot immediately where the issue originated, so that safeguards can be applied.

However, Rodger points out that the sheer scale of the task should not be underestimated. "Provisioning, for example, where access rights are granted as a result of authorised ID, requires a huge amount of work to define the roles of staff.

"It can take from one to three years to design and spec a large system. This means businesses need to be careful about future-proofing right through the technology stack, from applications right through middleware and hardware."

Future issues aside, another common IAM pitfall is to downplay the importance of executive buy-in, according to Godfrey.

"This is by far the greatest reason for failure in IAM programs, and when a client comes to us without it, we know that success is unlikely.

"Implementations on this scale will inevitably encounter resistance from some quarter of the business, and it's vital to have the weight of an executive sponsor to keep things moving."

It's clear IAM will mean different things to different companies, and implementations will range from single sign-on for double-figure user bases, through to international federated B2B marketplace systems.

But many of the preliminary steps remain the same, and the absolute requirement to co-ordinate and maintain project coherence is the top priority.

As the demand for efficiencies grows, the need for increasingly complex federated systems will increase, and the raft of standards that accompany the theory will mature further.

Keeping on top of the relevant ones for your IAM implementation is key.

Previous Page
1 2 Single page
Got a news tip for our journalists? Share it with us anonymously here.
Tags:
access and identity management software

Partner Content

Ingram Micro Ushers in the Age of Ultra
Ingram Micro Ushers in the Age of Ultra
Kaseya Dattocon APAC 2024 is Back
Kaseya Dattocon APAC 2024 is Back
Channel can help lead customers to boosting workplace wellbeing with professional headsets
Channel can help lead customers to boosting workplace wellbeing with professional headsets
Secure, integrated platforms enable MSPs to focus bringing powerful solutions to customers
Secure, integrated platforms enable MSPs to focus bringing powerful solutions to customers
Build cybersecurity capability with award winning Fortinet training from Ingram Micro
Build cybersecurity capability with award winning Fortinet training from Ingram Micro

Sponsored Whitepapers

Easing the burden of Microsoft CSP management
Easing the burden of Microsoft CSP management
Stop Fraud Before It Starts: A Must-Read Guide for Safer Customer Communications
Stop Fraud Before It Starts: A Must-Read Guide for Safer Customer Communications
The Cybersecurity Playbook for Partners in Asia Pacific and Japan
The Cybersecurity Playbook for Partners in Asia Pacific and Japan
Pulseway Essential Eight Framework
Pulseway Essential Eight Framework
7 Best Practices For Implementing Human Risk Management
7 Best Practices For Implementing Human Risk Management

Events

techpartner.news MSP index - Brisbane
techpartner.news MSP index - Brisbane
techpartner.news Channel Leader List / Golf day
techpartner.news Channel Leader List / Golf day
techpartner.news Pipeline Conference 2025
techpartner.news Pipeline Conference 2025
Integrate Expo 2025
Integrate Expo 2025
Security Exhibition & Conference 2025
Security Exhibition & Conference 2025

Most read articles

Australian MSP Index launched

Australian MSP Index launched
Ingram Micro Ushers in the Age of Ultra

Ingram Micro Ushers in the Age of Ultra
Announcing Pipeline 2025 tickets, theme & initial speakers

Announcing Pipeline 2025 tickets, theme & initial speakers
Vic gov to spend $100m on cyber security

Vic gov to spend $100m on cyber security

Log in

Email:
Password:
  |  Forgot your password?