Identity Management Blog

Anyone who has ever played a part in an Identity Management implementation knows that testing is an essential step in the process, but few understand how to test effectively. There has never been – and will never be – a bug-free implementation. There will always be broken links, inadequate code, and behaviors that simply don’t match what was expected. That’s why we do testing in the first place. As code is implemented, different methods of testing are utilized; including integration, functional, non-functional, and user-acceptance testing. In this three part series, I want to share some of ...
Read More
“The Importance of Planning an Identity Management Strategy in Healthcare - A Case Study at South Jersey Healthcare” is the title of the session that I will be co-presenting with François Bodhuin, Technology Director at South Jersey Healthcare, during the NJ-DV HIMSS (Healthcare Information and Management Systems Society) Fall Conference.
In our last two entries, I blogged about the changing faces of the stakeholders of an Identity and Access Management (IAM) initiative. The first entry described the stakeholders during the inception phases of the initiative, while the second entry focused on the stakeholders that are needed in order to get the IAM initiative funded.  This entry will focus on the "Off to the Races" phase of the ...
Based on feedback received from nearly 100 IAM projects (and counting), it's abundantly clear to us that organizations that have taken the up-front time to set-up an IAM Governance Body prior to detailing the specifications of the solution are typically far more successful than those that have chosen to 'play it by ear.'  Unfortunately, too many organizations shy away from establishing an IAM ...
Given the increased relevance of NERC CIP compliance in the Energy sector over the last 12 months, we have been focusing on this topic from an Identity and Access Management (IAM) perspective since early this year.  Our CTO, Ash Motiwala posted a couple of very good blog articles on this subject: A NERC CIP Quick Win = Recertification + Closed Loop Deprovisioning and An Introduction to NERC CIP ...
Hard to believe, but I've been in Identity and Access Management for 14 years. Time flies when you're having fun. Over this time I've grown and my hair has gone gray a bit. I've been reflecting on my journey so far:  If I had a chance to go back to a particular point in time, I often ask myself, what would I have done differently? The answer? A few things-personal and professional. For one thing, ...
First off, I would like to express my sympathy to victims of the terrible earthquake that hit Haiti. I can only wish that the rescue and recovery efforts yield positive results.
In part 1 and part 2 of the series on roadmap development, we covered scenarios where you should not develop an IAM Roadmap and some of the prep work towards developing one.  In this entry, we'll cover the actual steps of working out a roadmap.  Hat tip to Luca, who left a comment on part 1 of this series which helped provide some direction for this blog post.  Luca asked: How can a long-term ...
In Part I of this series, we covered why a corporation may (or may not) need an Identity Management Roadmap. In this post, we'll briefly cover its prerequisites. Roadmap Development should be viewed as a discrete task that is only one component of an Identity Management Workshop. In fact, Roadmap Development should be the last (or one of the last) tasks in your identity management assessment. ...
Since we've performed more identity management workshops for our customers than I care to count, I thought a blog series was in order to provide some of our insights into aiding corporations develop an Identity Management Roadmap (which is a step by step guide for your organization to follow when deploying an identity management solution).   I got a chance to sit down and interview some of our ...