I’m back from a trip to Oracle HQ, where I was attending our 2nd annual Identity Management Customer Advisory Board conference. The 3-day event is the zenith of a continuous process that combines quarterly meetings with 1-on-1 discussions to provide all involved a valuable platform to gather, discuss and align our vision of all things
By the way, it seems that there are some issues with features and controls on my blog. Thanks to a number of emails from readers, I realized a while ago that my post archive has not been working. Also, seems that the comments people posted to my blog are not being handled correctly. I put
About a month ago now I did a post about account reconciliation capabilities that I believed were necessary to make reconciliation practical. My post was triggered by a session I attended by IBM’s Stuart McIrvine, during which he answered a question about ways to correlate identities by saying it should be done based on common
A few months ago, I wrote a post in which I took issue with the statement that “Role Management will become the focus of Compliance”. My objection kicked off a flurry of responses from various folks, expressing opinions that covered the gamut. I received a lot of responses disagreeing with me, with quite a few
I attended a very informative session entitled “Enterprise IAM Challenges – A Practical Approach to RBAC” given by Jeff Bardin, the CISO at Investors Bank and Trust. It was a frank, open account of his experience leading a team on an IAM project that took his previous employer from a failed audit to a successful
I’m here at the annual RSA Conference, and it is just as busy as every year. Everyone who is anyone in security is here, which is why certain vendors are conspicuous by their absence (talk about reverse marketing), but that’s a different issue. Every year, it seems like one topic is at the top of
It has been a long time since my last post. The fact that it coincided with the holiday season shouldn’t lead you to think that I was enjoying some well deserved time off. It has, in fact, been quite the opposite. Things have been really busy in the identity management group recently, and I have
I usually don’t expect too many replies to postcards (real world or blog) that I write, so I was pleasantly surprised to see the discussion my post about the Gartner summit generated. The lively discussions regarding the part roles play in compliance were definitely expected. What I was not expecting were the few emails I
Wired News (which I read assiduously) had a pretty interesting article in their “Security Matters” section recently that talked about an analysis done of MySpace account passwords (“MySpace Passwords Aren’t So Dumb“). It makes for a pretty interesting read, so check it out. While you are at it, check out whether you have a password
2 weeks ago I attended Gartner’s first IAM summit. Entering an arena long dominated by Burton and RSA, they nonetheless seemed to have a respectable turnout, even if it was mostly people like me curious to find out what their treatment of the space was going to be. The fact that it was in Vegas