The Optimist is feeling a little pessimistic

Seems like the recent Catalyst conference led the Eternal Optimist, Pam Dingle, to question how we are doing as an industry. It is true that a lot of the messaging has shifted from what enterprises need to accomplish based on their unique needs to “check-off the list” buzzwords like GRC (which Bob Blakely called a “four letter word”), RBAC and User-Centric.

Pam’s definition about why Enterprises should invest in identity is not new, nor has it never been said before. But it seems like periodically, people need to reiterate the message to remind people that they should keep their eye on the ball. Too many times, the people going into identity projects do so because of a corporate mandate, with little understanding of why exactly they need to do it, or what the needs are that they are trying to address.

But I don’t quite share Pam’s pessimism expressed in the second half of her post. When she asks

The really interesting question will be whether or not the big vendors will ever start enabling truly integrated provisioning and SSO support for the full range of their products.

I think she asks a question that many have been asking, and some of us are starting to work on. The key word here is “work”, because the vision for standardized identity services is still just that – a vision. Reality is that there are a number of enterprises out there that are implementing identity services strategies on their own, but there is no concrete way for COTS and SaaS applications to rely on identity services for these critical functions. Even Oracle’s work in this area (which I have been blogging about for a while) is proprietary at this point, and very much driven by the vision for Fusion Applications that is articulated in Pamela’s hope for stack offerings with an “integral adherence to an identity vision, instead of bolted-on adherence”. This is one of the main reasons why I have joined the Identity Services Working Group that the Burton Group is running, to work with the community on defining the missing pieces that can make identity services a cohesive solution that all applications can be built on.