Facing an identity crisis?

In today’s increasingly complex web of e-Business technologies and systems, organizations are finding that they need more clarity of vision in their strategic technology plans. Unfortunately, the landscape is full of differing answers and the challenge is finding the right path to follow. In the

world of Enterprise Access Management (EAM) organizations are being told that they can have single-sign on user authentication through their corporate portal to all of their back end web-applications. And they can, with a little helpful advice along the way.

The problem with EAM is not the technical capabilities of the products, but the differing expectations by buyers of what it will really deliver. The benefits are already well appreciated: strong and consistently applied security and control, roles-based access, distributed administration, user self-registration, content personalization, automated user provisioning, fewer user ID and password resets and a lower total cost of ownership.

The increasing risk and mounting cost of security is forcing organizations to look for better ways to optimize and leverage a common security platform across the organization without repeating the effort each time a new application or service is offered to employees, customers or business partners. For this reason alone, thousands of organizations have begun to invest in EAM technologies to grapple with might be the most pervasive and costly problem they face today.

The need most organizations face

There are several concepts that access management solutions attempt to address. One needs to appreciate that there are two halves to any solution in this space. The first and obvious is the delivery of a common access control and authentication mechanism. This is the process by which an employee or customer is required to provide credentials to identify themselves uniquely which allows them to use the applications for which they are authorized. This is often confused with single sign on, which is in fact an extention of access control whereby they only do that once for all applications. Authentication really refers to the degree to which a user is asked to provide those credentials. This can range from something as lightweight as a user ID and a password to what is referred to as strong authentication that might be a token (secure ID card, digital PKI certificate, etc.) or something like a biometric signature (thumbprint, retina scan, facial recognition, etc.). In order for any solution to validate these credentials, it needs to be done against a secure data repository of the valid users for the environment. These repositories are more commonly being kept in directories, a technology that allows for very rapid look-up as opposed to databases that allow for very rapid update, but relatively slow look up.

The problem with these directory-based user stores is that they can become out of date in a hurry if significant changes occur in th

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication. Click this link to send me a note →

Jim Love, Chief Content Officer, IT World Canada

Related Tech News

Get ITBusiness Delivered

Our experienced team of journalists brings you engaging content targeted to IT professionals and line-of-business executives delivered directly to your inbox.