The buzz, and confusion, around the Twitter-iOS integration is incredible, especially among the identirati. It’s created some very interesting twitter discussions, and some huge claims about what this means for Twitter, Apple and the social landscape in general. I’ve now seen a number of articles that equated the WWDC announcement as confirming that “Twitter is [...]
Posts under ‘Insight IdM’
Quick Thoughts on the Twitter-iOS Integration
One of the big announcements at yesterdays WWDC conference was the integration of Twitter into iOS 5 (those screenshots are nice!). Twitter fanatics are going gaga about this, talking about how this is a game-changer and even conjecturing on what the apparent Facebook snub means. However, what I want to know is – what does [...]
Deploy Multi-Layered Security to Combat Insider Threats
Insider threats are back in the news in a big way. Bank of America revealed that an employee allegedly leaked a lot of accountholder information to a ring of criminals, which led to account hijacking and check fraud. And the goal of the RSA breach seemed to be emerging rather scarily with news of what [...]
Identity Intelligence to Drive Business Objectives
As I pointed out in my answer to Ema’s question about the recent Gartner IAM Summit in London, the overwhelming theme of the conference was Identity & Access Intelligence. The main driver for this shift in focus being discussed at the conference was around the core idea of driving down costs in identity management projects, [...]
Talking Identity at the European Identity Conference and more
May is going to be a busy month. I already mentioned I’ll be at the Internet Identity Workshop next week (if only for the first day and a half), where I fully expect to dive into discussions regarding SCIM and OAuth in the Enterprise (picking up from where we left off at the last IIW). [...]
SCIMming the Surface of User Provisioning
This should be interesting! By all accounts, one of the main reasons that SPML never achieved traction was that application vendors were not involved in developing or deploying the standard. The effort to standardize provisioning of accounts was driven largely by the provisioning engine vendors. The result was an unwieldy standard that nobody could figure [...]
An Entitlement-Centric Approach to Security
Last week, I gave a well-received talk to a group of CxO and high-level IT managers on a new way to think about security built around entitlements. The premise of the talk was that with the de-perimiterization of the enterprise, the modern enterprise has already become entitlement-based; we in the security industry just haven’t caught [...]
Cardspace and the KISS Principle
(My original title for this post was “Cardspace, We Hardly Knew Thee”, but Dave Kearns stole that by a nose). RSA is not the best conference for identity related news and topics, but there were more than a few interesting story lines that emerged last week (and no, I am not referring to what went [...]
When “Trust” Is Not Enough
Computerworld has an interesting article ‘Security fail: When trusted IT people go bad‘ with the even more interesting subtitle “One rogue IT employee can do more damage than an army of hackers“. It’s well worth a read, if only to get a feel for the nightmarish scenarios CIO’s can be faced with. The 3 case [...]
Sometimes It Is Better To Detect Than Prevent
The recent tragedy in Tucson, AZ has gripped the nation in more ways than one. There are so many different story lines unfolding out of that single tragedy – about politics, about rhetoric, about immigration, about dreams. Significantly less visceral, but important from an identity management perspective is this avoidable but all too common story [...]
