Friday, September 12, 2008

Burton Id Correlation Stressed

Burton is hosting a telebriefing about identity correlation.  I have to say I'm a bit surprised, but think it's great.  (see blog posting by Ian Glazer here)

It is true, if you want to have true access management you have to start with being able to correlate accounts. Without this you have no way to even know who has access to what, much less be able to audit, control, or monitor it in any way.

Correlation enables "Access Certification, Role Mining, Entitlements Management, Policy Evaluation, Identity Auditing, and numerous other custom services developed by our customers... password management and user provisioning.  The reality is the correlating of accounts to people is a requirement for all identity management exercises.  "

How true it is.  You have to establish a mathematical union of identities.  Think back to basic set theory, you have to establish a record where each user is represented exactly and only once. Some would call it "global key mapping", others "correlation", or even "account linking".  Whatever you call it, the idea can still be reduced to the old concept of creating a union of two or more sets. 

Here is another great point, "Here's a tip to enterprises out there - ask your software vendors and deployment teams what capabilities they have to help facilitate this correlation.  Ask early and before you start down the path of an identity project.  Make it an on-going process governed by your overall identity management program."

TRUE!  Do this planning early.  I was talking with several integrators this past week at DIDW in Anaheim, and its amazing how much work you still have to put into convincing people not to just buy an IAM suite, but rather to solve some integration problems (i.e. correlation) Seems like I never stop talking about this, but glad to see Burton is taking up the mantra also!  :)   If you can, join the teleconference on October 1st and 2nd.


No comments: