The Human Touch
The Human Touch Despite impressive progress in the identity management field, it remains hampered by long-standing bugaboos.Once users are logged in, a host of tricky problems remain. And the severity of these problems will depend in large part on an organizations industry. In an interview with eWEEK, Nelson Ramos, vice president and regional CIO of Sutter Health, in Modesto, Calif., and an eWEEK Corporate Partner, pointed out that many medical applications automatically time out after a short period of inactivity. "Once the user is logged in, we still need some way to signal activitymaybe caching a mouse movement and replaying it every couple of minutes to keep the application session active," said Ramos. Medical settings, in fact, may put identity management to its most difficult test. At the end of the day, most other industries are not dealing with life-and-death decisions. In a hospital, if a doctor needs lab results but cannot remember his or her password to gain access to the system, the results can be catastrophic. A health care setting also presents big challenges to the common user name/password method of authentication as well as to more rigorous methods that use multiple factors to confirm identity, such as biometrics or physical tokens. Relying on a thumbprint, for example, is difficult at best in an environment where most employees wear gloves. Badges and other tokens take a beating when they need to be used in sterile environments. Furthermore, radiology departments often have special requirements that restrict either metal or magnetic devices. Health care organizations may present some of the biggest challenges to identity management, but every organization has its hurdles. In any business, for example, where personnel commonly share workstations and move around inside buildings, authentication methods must move with employees and cannot be tied to a single computer. IT managers need to consider these kinds of business requirements when planning an identity management system.
First, there is still a tremendous amount of human touch that is required to set up and maintain these systems. Second, while some products come close to recognizing all applications access methods (Passlogix Inc.s v-GO SSO, for example), most enterprise users will encounter at least one application that requires significant custom coding to work with the identity management system.