Close
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    Identity Management Is Good Business

    By
    Cameron Sturdevant
    -
    March 18, 2002
    Share
    Facebook
    Twitter
    Linkedin

      Managing passwords is a good first step in taking control of end-user maintenance costs because it shifts some of the work from IT to the end user. eWeek Labs believes identity management, from account provisioning to authentication and directory integration, is the road most enterprises should be traveling.

      The beauty of a product such as Passlogix Inc.s V-Go SSO is that with a modicum of fuss, IT managers can have users up and running on a tough, no-nonsense single-sign-on utility that cuts costs by limiting help desk calls. Products such as V-Go also increase security by ensuring that users adhere to tough password policies.

      We had V-Go up and running in a day on a small test network. Obviously, that timeline wont be matched by companies rolling out the product to thousands of users, but the real benefits of a well-thought-out identity management policy will show up in a matter of weeks or months, not quarters or years.

      Managing identity in the enterprise for maximum cost reduction means putting the technology (directories, certificate authorities and authentication methods) in place, along with policies (business plans, human resources procedures and delegated authority).

      Tracking and maintaining user identities on the Web for binding agreements, including purchases and contracts, is outside the scope of this article.

      Products such as Courion Corp.s AccountCourier, which is designed to handle password and user ID accounts throughout their life cycle, or customized applications of technologies, such as Novell Inc.s DirXML information-sharing technology, both take a stab at solving identity management in the enterprise. Using these products, employees are represented by an identity that is given access rights and privileges, as well as constraints that keep the users and the data under their control inside predetermined boundaries.

      When using account management products to manage user identities, it is useful to consider three factors: how intrusive is the process in gathering information that is to be used for user authentication, how accurate is the information that is being supplied, and what is the real cost of gathering and maintaining the information.

      Weve looked at several products that use a variety of methods to authenticate users, from biometric devices to new software tools that use multiple factors, including computer-usage habits, to determine who is trying to use the system. Its a fair question for employees to ask, “What happens to this data when I leave the company?”

      The more intrusive the information (fingerprint, retina scan, country of birth, salary of first “real” job), the more valuable it is—both to the actual person who is attached to the data and to identify thieves. Proliferation of our most private data diminishes the usefulness of that data for identification purposes.

      Put another way, information accuracy has more to do with the attributes that IT assigns to user identities than with the actual information supplied by the end user. As identity management applications are put in place, it is essential to also implement policies that mandate a review of the technical procedures.

      For example, it should be the responsibility of an organizations IT department to review as frequently as every quarter the scripts used to generate new users. This is because, for all the efficiency and speed that automated systems bring to account creation and deletion, it is imperative to make sure that the correct rights are being assigned to new users. It is all too easy to set up a test account with wide-ranging authority, only to assign that account to new users by mistake. This is also a classic opportunity to work with line-of-business managers to ensure that the accounts that are created actually match the job functions of the people who are receiving the accounts.

      Finally, nearly every account management tool on the market has a return-on-investment calculator that shows how much an organization can “save” by implementing the product. Before using one of these calculators, IT managers should run some rough numbers to get an idea of the actual costs that go into an identity management system.

      Then run the calculator.

      Cameron Sturdevant
      Cameron Sturdevant is the executive editor of Enterprise Networking Planet. Prior to ENP, Cameron was technical analyst at PCWeek Labs, starting in 1997. Cameron finished up as the eWEEK Labs Technical Director in 2012. Before his extensive labs tenure Cameron paid his IT dues working in technical support and sales engineering at a software publishing firm . Cameron also spent two years with a database development firm, integrating applications with mainframe legacy programs. Cameron's areas of expertise include virtual and physical IT infrastructure, cloud computing, enterprise networking and mobility. In addition to reviews, Cameron has covered monolithic enterprise management systems throughout their lifecycles, providing the eWEEK reader with all-important history and context. Cameron takes special care in cultivating his IT manager contacts, to ensure that his analysis is grounded in real-world concern. Follow Cameron on Twitter at csturdevant, or reach him by email at [email protected]

      MOST POPULAR ARTICLES

      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      Chris Preimesberger - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cloud

      Why Data Security Will Face Even Harsher...

      Chris Preimesberger - December 1, 2020 0
      Who would know more about details of the hacking process than an actual former career hacker? And who wants to understand all they can...
      Read more
      Cybersecurity

      How Veritas Is Shining a Light Into...

      eWEEK EDITORS - September 25, 2020 0
      Protecting data has always been one of the most important tasks in all of IT, yet as more companies become data companies at the...
      Read more
      Big Data and Analytics

      How NVIDIA A100 Station Brings Data Center...

      Zeus Kerravala - November 18, 2020 0
      There’s little debate that graphics processor unit manufacturer NVIDIA is the de facto standard when it comes to providing silicon to power machine learning...
      Read more
      Apple

      Why iPhone 12 Pro Makes Sense for...

      Wayne Rash - November 26, 2020 0
      If you’ve been watching the Apple commercials for the past three weeks, you already know what the company thinks will happen if you buy...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2021 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×