I wonder how long it will take before companies realize there are actually more identities that will need to be dealt with which originate from the outside than come from their own internal networks. Perspective is always skewed when one views the universe from their center of gravity.
Archive for October, 2006
Following up on today’s earlier post,
I was just reviewing the US Market Outlook for the IT industry report
by IDC and came across this great graphic that they say represents what IT will need to manage in the future. It sort of exacerbates the point doesn’t it. So where do I deploy my firewall now?
Ok, well, firewalls aren’t really dead… yet, but the title got your attention.
I was in a management meeting this morning, and we were talking about how a number of clients are asking Ping Identity to do more and more of the management surrounding their federation initiatives and the entire notion that ‘security is going cross-company, and what does that really mean‘ struck me in a way it never had before.
Phil Becker has been talking about this very fact nearly every year in his Digital ID World keynotes (see slides 8 and up).
The fact is, as enterprises outsource everything possible that’s not core or strategic, they’re going to need ways to control, manage and secure them. That’s where identity and the notions of identity federation come in, and I’m not talking just single sign-on, I’m talking ‘internet-scale security’.
In a sense, the entire notion of a “firewall” as defining what’s protected from the ‘outside’ is simply outmoded. There is no ‘them’ and ‘us’. There is only the difference in how you define and control ‘us’. Companies need ways to maintain security, but they are drawing the lines around what they need to protect all over the internet. The NEW security company will be the one that helps them do that.
The gauntlet has been thrown, and picked up, by my former company, Jabber, Inc. I know for a fact the guys over there take their Foosball seriously. As do we.
This will likely result in carnage.
I missed the original announcement, but apparently on Tuesday Google announced Google Apps, a collection of collaboration tools which can be tied into existing identity directories and SSO. While this is being rolled out in education first, you can see where it could and likely will be extended to enterprise in the future. Here’s some of the article by John Fontanta.
The unique aspect of the education version is a set of APIs that
lets users tie the Google services to existing backend infrastructure
such as directories and single sign-on platforms. Google is using
standards such as the Security Assertion Markup Language to support
single sign-on and a Representational State Transfer (REST)-based XML
interface to link to directory services.
The API set is a hint at what Google plans to offer corporate users when it introduces an enterprise edition of Google Apps
before the end of the year.
are the kinds of things we are thinking about for the enterprise
edition,” says Rajen Sheth, product manager for Google Apps for
Education. “Integration like this is what will be important for the
enterprise edition as well.”
Don’t let the charming good looks fool you. Eric Norlin is a Maverick with a CAPITAL M.
mav‧er‧ick /ˈmævərɪk, ˈmævrɪk/ Pronunciation Key – Show Spelled Pronunciation[mav-er-ik, mav-rik]
noun. one who
takes an independent stand apart from his or her associates.
adj. Being independent in thought and action or exhibiting such independence.
“I chose mavericks, because we had to do the impossible.” Tommy Thompson — Ships of Gold in the Deep Blue Sea
While on the subject of Mavericks, if you haven’t read the new book “Mavericks at Work: Why the Most Original Minds in Business Win” by William C. Taylor and Polly G.LaBarre, you should consider it.
A friend of mine, Bernie Daina forwarded this great quote to me yesterday.
“A corporation doesn’t have a culture. A corporation is a culture….there are
no techniques for building ideologies, no five easy steps to a better culture.
These are built slowly and patiently by committed leaders who have found
interesting missions for their organizations and care deeply about the people
who perform them. To my mind, the critical ingredient is authenticity. In
fact, I believe in a kind of psychic law of management here: that workers,
customers, everyone involved with management, no matter how physically distant,
can tell when it is genuine in its beliefs and when it is just mouthing the
— Henry Mintzberg, Canadian Management
Theorist and McGill University Professor, in Mintzberg on Management
I was reading an extremely articulate and insightful post by Mike Neuenschwander of Burton Group today called Law of Relational Symmetry.
This is a deep blog post that discusses how asymmetry in people to organizational relationships leads to exploitation, typically by the organization, especially when it comes to divulging personal information.
I suspect that perfect symmetry is actually, for the most part, unobtainable for a number of reasons, the least of which is the fact that organizations have always had more resources by which to tip the equation than individuals — but therein might be the point of all this user-centric talk.
I’m a bio major, and while symmetry is certainly used to describe
methods of redundancy within a single organism, it’s rarely used to
describe the relationship between two or more organisms. What has me intrigued about this conversation is how one might go about better understanding the variables that go into the basic equation which sits underneath buyer-seller, people-organization interactions.
I suspect that with new tools which empower the end-users ability to better control their identity information (when it’s shared and how), the balance of power will likely shift towards a somewhat more balanced equation — note however that the ‘equilibrium’ state doesn’t necessarily mean 50/50 in balance. I suspect also that these new mechanisms might dissipate some of the leverage that organizations have created through the aggregation of information which might in the future, be deemed too ‘static’ to maintain it’s utility in a more real-time world.
Life is short. I was having lunch with a bunch of Ping folks today, and we were talking about how much fun it would be to have some sort of identity industry competition. We proceeded to take inventory of our collective talents. We’re a small company, but some of the guys play a mean foosball. If others were interested, I could attempt to arrange a day of festivities to coincide with next years Digital ID World in San Francisco in September. This could be a lot of fun.
• Ping Pong
• Shortest time to setup a federation connection?
• CEO Cagematch?
Ping’s located in Denver, so we’re off to a good start on our high-altitude training!
Warning. Nate Llerandi is quite the athelete, so you might not want to challenge us to anything having to do with bicycling.