People always ask if OIM can be deployed in an SMB environment. Given that most of our initial customers were large enterprises that were putting complex deployments in place, it was very hard to provide good references for this question. No longer. IDC just released a report profiling the IdM implementation Silicon Image has done [...]
Posts Tagged ‘Oracle Identity Manager’
The “Model-As” Problem
In my last post, I talked about Jeff Bardin’s excellent session about the reality of successfully deploying an enterprise IAM infrastructure. During his session, he touched upon one of the more interesting problems that we see in enterprises today – the “Model-As” problem.
Jeff was referring to a practice that is very common in a lot [...]
RSA Conf. Notes: Looking For Practical Approaches to IAM
I attended a very informative session entitled “Enterprise IAM Challenges – A Practical Approach to RBAC” given by Jeff Bardin, the CISO at Investors Bank and Trust. It was a frank, open account of his experience leading a team on an IAM project that took his previous employer from a failed audit to a successful [...]
RSA Conf. Notes: Talking about Account Reconciliation
I attended a session titled “Delivering Security Integration with Compliance” by IBM’s Stuart McIrvine. During the session, he laid out the various governance frameworks for IdM (SOX, COSO and COBIT among others) and detailed how IBM’s Tivoli family of IdM products could be used to implement them as part of an IdM practice. As he [...]
Gartner MQ for User Provisioning published – Oracle Named “Leader”
I have been neglecting this blog for a while, and it took an event of historic importance to pull me out of my reverie and back into the blogosphere. No, I am not talking of the arrival on this earth of Suri Cruise. It was the eagerly anticipated publication of Gartner’s magic quadrant on User [...]
How you can handle your attestation needs
Attestation (aka Re-certification aka Periodic Review) is one of the latest must-have’s in the world of compliance-driven IdM (if you know of another name it goes by, please share). It essentially refers to the management practice of periodically checking and certifying that only the individuals who need certain access privileges have those access privileges. Here [...]
