The Road To Identity Relationship Management

The Problems With Identity & Access Management

I am never a fan of being the bearer of dramatic bad news - "this industry is dead!", "that standard is dead!", "why are you doing it that way, that is so 2001!".  Processes, industries and technologies appear, evolve and sometimes disappear at their own natural flow.  If a particular problem and the numerous solutions are under discussion, it probably means at some point, those solutions seemed viable.  Hindsight is a wonderful thing.  With respect to identity and access management, I have seen the area evolve quite rapidly in the last 10 years, pretty much the same way as the database market, the antivirus market, the business intelligence market, the GRC market and so on.  They have all changed.  Whether for the better or worse, is open for discussion, but in my opinion that is an irrelevant discussion, as that is the market which exists today.  You either respond to it, or remove yourself from it.



Like most middleware based sectors, identity and access management has become a complex, highly optimized monster.  Tools on top of tools, to help you get the most out of tools you purchased long ago and sit at the bottom of the stack.  Projects are long and complex.  Milestones blurred.  Stakeholders come from different spectrums of the organisation, with differing goals and drivers.  Vendors have consolidated and glued together complex suites of legacy solutions, built on different frameworks and with different goals in mind.  The end result?  A confused customer and a raft of splinter point products that claim to offer speed and cost improvements to existing 'legacy' solutions.


The Modern Enterprise

I blogged recently about the so called 'modern' enterprise, and how it has evolved to include facets from the mobile, social and outsourced worlds.  Organisations have faced tremendous issues since 2008 when it comes to profitability, with shrinking markets, lower revenues and more stringent internal cost savings.  All of which, have placed pressure on identifying new and more effective revenue streams, either from developing new products faster, or by extracting more revenue from existing customers, by leveraging company brand and building better, more online focused relationships.  All of these avenues of change, rely heavily on identity management.  Firstly, by allowing things like online client registration to occur rapidly and seamlessly, right through to allowing new approaches such as mobile and cloud to be integrated into a single revenue focused platform.

The long and winding identity road - image taken by Simon Moffatt, New South Wales, AU. 2011
Gone are the days when identity management was simply focused on managing employee access to the corporate directory and email server.  Organisations are now borderless, with a continually connected workforce.  That workforce is also not simply focused on employees either.  The modern enterprise workforce, will contain contractors, freelancer and even consumers themselves.  Bloggers, reviewers, supporters, promoters, content sharers and affiliates, whilst not on the company payroll, help drive revenue through messaging and interaction.  If a platform exists where their identity can be harnessed, a new more agile go to market approach can be developed.


Scale, Agility and Engagement

But what does this all mean practically?  New widgets, more sprockets and full steam ahead on the agitator!  Well not quite.  It does require a new approach.  Not a revolution but evolution.  Modernity in all levels, seems to mean big.  Big data.  Big pipes.  Big data centres.  Scale is a fundamental component of modern identity.  Scale, too can come in many different flavours.  Numbers yes.  Can you accommodate a million client registrations?  What about the process, flows and user interfaces that will be needed to manage such scale?  Modularity is key here.  A rigid, prescribed system will result in a rigid and prescribed service.  Flexibility and a loosely decoupled approach will allow system and user interface integration in a much more reusable way.  Languages, frameworks and standards are now much less about vendor sponsorship and much more about usability and longevity.  Modern identity is really about improving engagement, not just at the individual level, but also at the object and device level.  Improved engagement will result in better relationships and ultimately more informed decision making.

Ultimately economics is based fundamentally on clear, fully informed decision making, and if a modern enterprise can develop a service to fully inform and engage its client base, new revenue opportunities will sharply follow.





The Road To Identity Relationship Management

The Problems With Identity & Access Management

I am never a fan of being the bearer of dramatic bad news - "this industry is dead!", "that standard is dead!", "why are you doing it that way, that is so 2001!".  Processes, industries and technologies appear, evolve and sometimes disappear at their own natural flow.  If a particular problem and the numerous solutions are under discussion, it probably means at some point, those solutions seemed viable.  Hindsight is a wonderful thing.  With respect to identity and access management, I have seen the area evolve quite rapidly in the last 10 years, pretty much the same way as the database market, the antivirus market, the business intelligence market, the GRC market and so on.  They have all changed.  Whether for the better or worse, is open for discussion, but in my opinion that is an irrelevant discussion, as that is the market which exists today.  You either respond to it, or remove yourself from it.



Like most middleware based sectors, identity and access management has become a complex, highly optimized monster.  Tools on top of tools, to help you get the most out of tools you purchased long ago and sit at the bottom of the stack.  Projects are long and complex.  Milestones blurred.  Stakeholders come from different spectrums of the organisation, with differing goals and drivers.  Vendors have consolidated and glued together complex suites of legacy solutions, built on different frameworks and with different goals in mind.  The end result?  A confused customer and a raft of splinter point products that claim to offer speed and cost improvements to existing 'legacy' solutions.


The Modern Enterprise

I blogged recently about the so called 'modern' enterprise, and how it has evolved to include facets from the mobile, social and outsourced worlds.  Organisations have faced tremendous issues since 2008 when it comes to profitability, with shrinking markets, lower revenues and more stringent internal cost savings.  All of which, have placed pressure on identifying new and more effective revenue streams, either from developing new products faster, or by extracting more revenue from existing customers, by leveraging company brand and building better, more online focused relationships.  All of these avenues of change, rely heavily on identity management.  Firstly, by allowing things like online client registration to occur rapidly and seamlessly, right through to allowing new approaches such as mobile and cloud to be integrated into a single revenue focused platform.

The long and winding identity road - image taken by Simon Moffatt, New South Wales, AU. 2011
Gone are the days when identity management was simply focused on managing employee access to the corporate directory and email server.  Organisations are now borderless, with a continually connected workforce.  That workforce is also not simply focused on employees either.  The modern enterprise workforce, will contain contractors, freelancer and even consumers themselves.  Bloggers, reviewers, supporters, promoters, content sharers and affiliates, whilst not on the company payroll, help drive revenue through messaging and interaction.  If a platform exists where their identity can be harnessed, a new more agile go to market approach can be developed.


Scale, Agility and Engagement

But what does this all mean practically?  New widgets, more sprockets and full steam ahead on the agitator!  Well not quite.  It does require a new approach.  Not a revolution but evolution.  Modernity in all levels, seems to mean big.  Big data.  Big pipes.  Big data centres.  Scale is a fundamental component of modern identity.  Scale, too can come in many different flavours.  Numbers yes.  Can you accommodate a million client registrations?  What about the process, flows and user interfaces that will be needed to manage such scale?  Modularity is key here.  A rigid, prescribed system will result in a rigid and prescribed service.  Flexibility and a loosely decoupled approach will allow system and user interface integration in a much more reusable way.  Languages, frameworks and standards are now much less about vendor sponsorship and much more about usability and longevity.  Modern identity is really about improving engagement, not just at the individual level, but also at the object and device level.  Improved engagement will result in better relationships and ultimately more informed decision making.

Ultimately economics is based fundamentally on clear, fully informed decision making, and if a modern enterprise can develop a service to fully inform and engage its client base, new revenue opportunities will sharply follow.





European Open Identity Summit – Review

This week saw the first European Open Identity Summit hosted by identity management vendor ForgeRock [1].  Following hot on the heels of the US summit, that was in Pacific Grove, California in June, the sold out European event, brought together customers, partners, vendors and analysts from the likes of Salesforce, Deloitte, Forrester and Kuppinger Cole amongst others.

Whilst the weather was typically October-esque, the venue was typically French chateau, set in panoramic grounds, with great hosting, food and wine to keep everyone in a relaxed mood.

The agenda brought together the key themes of the modern identity era, such as standards adoption (XACML, SAML2, OAuth2, OpenID Connect, SCIM), modern implementation approaches (JSON, API, REST) through to the vision for modern identity enablement for areas such as mobile and adaptive authentication, all whilst allowing customers and partners a chance to collaborate and swap war stories with some great networking.


Consumer Identity As A Revenue Generator

I have discussed the evolution of identity management on several occasions over the years (not least in August!), with the current iteration seeing a strong focus on utilising the identity of the consumer, as an approach to help drive new and existing revenue, for services and applications.  By capturing consumer identity details, either via portal facing registration systems, or making services available online, brand stickiness can be increased and a more relationship based approach can be developed. Developing platforms for consumer focused identity, requires several key components, mainly scale, modularity and agility.


Salesforce Expand Identity Offering

One of the key announcements at the summit was the expansion of the identity offering, by CRM software as a service giants, Salesforce.  With the Identity Connect platform, Salesforce and ForgeRock have entered into an OEM agreement, where the ForgeRock Open Identity Stack is used to enable the Salesforce solution to allow enterprises to seamlessly integrate with existing on-premise identity directories, with additional SSO capabilities.  Salesforce hope the solution will accelerate the onboarding of new and existing client accounts into their portfolio of online services. This is yet another example of organisations seeing customer identity as a key strategic component of business enablement and revenue generation.


Passwords Are Dead...Long Live The Password!

One of this years keynote speakers was Forrester's Eve Maler.  Always an articulate presenter, Eve dropped the bombshell that 'passwords are dead...'.  Whilst this isn't probably the most surprising announcement in the identity and infosec worlds, there is still to be defined, a clear way to replace the use of passwords as an authentication mechanism.  This is a topic I have blogged on multiple occasions (The Problem With Passwords Again, Still - Oct 2012, The Password Is Dead (Long Live The Password) - Feb 2012, Passwords And Why They're Going Nowhere - Mar 2013).  The failures of password use, storage and implementation are well known, but they are now too well embedded technically and psychologically, that a simple passage to something resembling biometric sustainability is somewhat remote.  Answers on a postcard with how that can be obtained!


The Future is Bright

Everyone loves modern - modern art, modern fashion, cutting edge music, the latest tech gadgets, but where does that leave modern identity management?  Modern in this respect, shouldn't just be focused on the new and shiny.  It needs to be focused on the new and useful.  Mobile devices are clearly the key component for information access, either via smart phones or tablets.  The desktop is dead and the laptop not far behind.  Modern identity needs to integrate seamlessly with mobile devices, utilising native technologies and loosely coupled REST based APIs and integration points.  Modern identity must also be convenient and easy to use.  Security in general is bypassed when too restrictive or complex and modern identity is no different.  For authentication and authorization processes to be effective, they need to convenient, good looking and easy to use.


The summit was a great event, that produced some interesting and thought provoking discussions, highlighting identity management as a key component of many organisations' go-to-market approach for 2014 and beyond.


[1] - For audience transparency, the author is employed by ForgeRock.

European Open Identity Summit – Review

This week saw the first European Open Identity Summit hosted by identity management vendor ForgeRock [1].  Following hot on the heels of the US summit, that was in Pacific Grove, California in June, the sold out European event, brought together customers, partners, vendors and analysts from the likes of Salesforce, Deloitte, Forrester and Kuppinger Cole amongst others.

Whilst the weather was typically October-esque, the venue was typically French chateau, set in panoramic grounds, with great hosting, food and wine to keep everyone in a relaxed mood.

The agenda brought together the key themes of the modern identity era, such as standards adoption (XACML, SAML2, OAuth2, OpenID Connect, SCIM), modern implementation approaches (JSON, API, REST) through to the vision for modern identity enablement for areas such as mobile and adaptive authentication, all whilst allowing customers and partners a chance to collaborate and swap war stories with some great networking.


Consumer Identity As A Revenue Generator

I have discussed the evolution of identity management on several occasions over the years (not least in August!), with the current iteration seeing a strong focus on utilising the identity of the consumer, as an approach to help drive new and existing revenue, for services and applications.  By capturing consumer identity details, either via portal facing registration systems, or making services available online, brand stickiness can be increased and a more relationship based approach can be developed. Developing platforms for consumer focused identity, requires several key components, mainly scale, modularity and agility.


Salesforce Expand Identity Offering

One of the key announcements at the summit was the expansion of the identity offering, by CRM software as a service giants, Salesforce.  With the Identity Connect platform, Salesforce and ForgeRock have entered into an OEM agreement, where the ForgeRock Open Identity Stack is used to enable the Salesforce solution to allow enterprises to seamlessly integrate with existing on-premise identity directories, with additional SSO capabilities.  Salesforce hope the solution will accelerate the onboarding of new and existing client accounts into their portfolio of online services. This is yet another example of organisations seeing customer identity as a key strategic component of business enablement and revenue generation.


Passwords Are Dead...Long Live The Password!

One of this years keynote speakers was Forrester's Eve Maler.  Always an articulate presenter, Eve dropped the bombshell that 'passwords are dead...'.  Whilst this isn't probably the most surprising announcement in the identity and infosec worlds, there is still to be defined, a clear way to replace the use of passwords as an authentication mechanism.  This is a topic I have blogged on multiple occasions (The Problem With Passwords Again, Still - Oct 2012, The Password Is Dead (Long Live The Password) - Feb 2012, Passwords And Why They're Going Nowhere - Mar 2013).  The failures of password use, storage and implementation are well known, but they are now too well embedded technically and psychologically, that a simple passage to something resembling biometric sustainability is somewhat remote.  Answers on a postcard with how that can be obtained!


The Future is Bright

Everyone loves modern - modern art, modern fashion, cutting edge music, the latest tech gadgets, but where does that leave modern identity management?  Modern in this respect, shouldn't just be focused on the new and shiny.  It needs to be focused on the new and useful.  Mobile devices are clearly the key component for information access, either via smart phones or tablets.  The desktop is dead and the laptop not far behind.  Modern identity needs to integrate seamlessly with mobile devices, utilising native technologies and loosely coupled REST based APIs and integration points.  Modern identity must also be convenient and easy to use.  Security in general is bypassed when too restrictive or complex and modern identity is no different.  For authentication and authorization processes to be effective, they need to convenient, good looking and easy to use.


The summit was a great event, that produced some interesting and thought provoking discussions, highlighting identity management as a key component of many organisations' go-to-market approach for 2014 and beyond.


[1] - For audience transparency, the author is employed by ForgeRock.