Simplifying Identity and Access Management

By Jackson Shaw  |  Posted 2009-04-28 Print this article Print

Simplifying identity and access management

Several approaches or strategies exist to address these challenges. The security framework approach implements a framework around the entire environment, imposing structure on the disparate identity infrastructure.

Often called meta-directories or virtual directories, these security frameworks implement a master directory to which all other directories are synchronized. Among the drawbacks to the security framework, however, is its inability to unify each identity in a heterogeneous environment.

The point solution approach addresses individual cases as they occur, devising solutions and implementing technologies designed to solve the specific problem. The drawback here is that the solution usually fits the specific system for which it is designed, while a similar problem in another system would require an additional solution.

Custom development is another option. With enough time and effort, custom-developed solutions will integrate any components. Standards exist and tools are available to enable an organization to integrate its Unix systems with Active Directory. However, on the down side, these projects usually prove too complex, time-consuming and expensive to be viable for a large, complex organization.

Relying on the status quo is the reality for which many organizations opt when faced with identity and access management challenges. They make do with what they have, perhaps in combination with point solutions and custom-developed solutions.

Jackson Shaw is Senior Director of Product Management for Identity and Access Management at Quest Software. Jackson joined Quest as part of its acquisition of Vintela. He oversees product direction, strategy and go-to-market activities for Quest. Prior to Quest, Jackson was a key member of the identity and access management marketing team for the Windows server marketing group at Microsoft. He was responsible for product planning and marketing for Microsoft's identity and access management products, including Active Directory and Microsoft Identity Integration Server (MIIS) 2003. Jackson has been involved in directory, meta-directory and security initiatives for 20 years. He has spoken at various industry events and writes a popular identity management blog. Check it out at He can also be reached at

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel