The Canadian Broadcasting Corp. is about to roll out identity management technology that an executive says will radically simplify access to information and the administration of accounts for more than 10,000 employees.
The broadcaster says it will streamline account and password management
using software from Novell Canada Ltd. The project will include the integration of Novell’s GroupWise with its eDirectory service, which has been in place at the CBC for 10 years.
David Jeffrey, director of operations and regional media production support for CBC Technology, says the identity management project is happening in conjunction with the development of a new security policy at the CBC. Identity management will also become more critical when the CBC soon launches an HR portal that will allow employees to access benefits information and change their address, among other functions.
Though employees will not have a single sign-on with the new identity management tool, they will be able to use the same password for all the applications they use. This will encourage employees to use more robust passwords, Jeffrey says.
Proper identity management is essential for companies that want to prevent security breaches and safeguard themselves from crimes such as intellectual property theft, says René Hamel, the vice-president of computer forensics services at investigations firm Inkster Group of Toronto. Inkster tries to locate the individual behind the computer by following electronic trails when a company experiences a security breach.
Identity mismanagement or an unauthorized use of someone else’s identity is a component of over 50 per cent of the incidents Hamel investigates.
Such incidents don’t often get reported, but they happen all the time, he says.
“”Companies certainly don’t want to advertise they have an internal problem. That’s why you don’t hear about it,”” he says. Customers and partners would lose confidence in companies if they learned about such breaches. “”So they try to take care of it internally, and that’s why sometimes they don’t call the police, because when the police get involved, it’s public information.””
Jeffrey says increased security is only one of the reasons the CBC wants to improve identity management throughout the Crown corporation. “”We’ve also been faced with a lot of Microsoft server applications and Active Directory coming in,”” he says. “”We need to hold all that in one directory.””
The result, Jeffrey says, will mean users can eventually authenticate themselves once instead of through several logons.
The ID management tool will also enable the CBC to implement a zero-day start and stop for employees, Jeffrey says. Managers will be able to generate accounts immediately for new employees, depending on their rights and profile, at a central location. When an employee leaves, they will also be able to disable the accounts.
The CBC wants to eventually teach employees best practices for password creation, Jeffrey says.
“”It’ll be a cultural change to get people to know you don’t give that (passwords) out.””
Other things companies need to worry about are key loggers and shoulder surfing — an employee looking over the shoulder of another as he or she types a password, Hamel says.
Biometrics is one way to combat that, he says.
The CBC started looking at proof of concepts for identity management last February, but the real work began in April, he says.
Novell Directory Services was chosen in 1994 and was completely up and running a year later, supporting 60 locations across the country, with 9,000 workstations connected to eDirectory today. The CBC eventually adopted Novell ZenWorks Desktop Management four years ago to reduce its total cost of ownership.
“”The standard in broadcast is 100 per cent uptime. They can’t have dead air,”” says Novell Canada vice-president and general manager Don Chapman. “”They expect that same reliability in other parts of the organization as well.””
Jeffrey says the identity management project is primarily intended to increase productivity. The project will allow employees to make changes to their password via a secure Web site, which will be replicated in CBC’s metadirectory, for example.
“”If you see the calls we get to our hotline for password changes . . . if we can keep that volume down, that will certainly reduce our administration costs.””
— With files from Poonam Khanna