The concepts are the same for Identity Management, you don't have to solve every problem in the world to get started solving your integration problems... BUT you can make some savvy choices, like planning ahead and going with solutions that have "legs". If you have read my blog entries you know I love the data-virtualization concept and benefits. The author of this article (http://www.it-director.com/blogs/Fern_Halper/2007/12/MDM_without_boiling_the_ocean.html) is starting to see some of the benefits of the data-virtualization idea, its too bad there isn't any examples given or benefits achieved. Identity Management can be as daunting as MDM (master data management), and in many ways more critical. My recent run-in with Blue-Cross of California shows my point, they have decided to integrate their multiple systems (e.g. star, gemcorp, etc) into a web service so that members can access information and services at a single point - sounds simple enough right? on the contrary, its not working and they are puzzled as to why... members who are in multiple systems, perhaps inactive in one data silo and active in another for example, can not access the website or retrieve registration information. As of my last contact with that group, they have no ETA on when they will solve this problem, nor have they isolated where the problem lies... amazing... It is obvious to me that it lies in the choice of data integration tools, it looks like Blue Cross will be relying on their old systems, and a lot more member calls (btw their tech support is reporting a minimum wait time of 25 minutes as of yesterday), and upset customers for awhile longer.... Create an abstraction layer that can grow with you. Solve one piece of the puzzle at a time, when you have a piece in place, implement it without disrupting other current systems.... this one of the largest benefits I am finding in using data-virtualization tools like virtual directories, I don't have to use it for everything at once (I can implement authentication via ldap proxy using a virtual directory server, and later add services such as provisioning or user management), and it operates into my current environment natively as I need it to (i.e. ldap, or sql, or xml/web services, etc) not some new custom protocol. How do you eat an elephant? one bite at a time! Break your project into small pieces, with your eye on creating tools for the future, you just might be able to boil the ocean yet...
read more | digg story
New World, New Rules: Securing the Future State
5 months ago