Archive for the ‘Identity’ Category

SailPoint IdentityIQ 3.0

September 8, 2008

Today, SailPoint Technologies announced SailPoint IdentityIQ 3.0 (formally known as ComplianceIQ), an all encompassing identity governance solution featuring:

SailPoint IdentityIQ 3.0

If you attending Digital ID World this week in Anaheim, CA, be sure to attend an Enterprise Role Management Workshop hosted by SailPoint to learn more.

Technorati Tags: , , , , , ,


Congrats to the OpenDS Team

July 11, 2008

Congratulations to Ludovic Poitou and the entire OpenDS team for the release of OpenDS 1.0.0!

200807110931Having worked with Ludo over the years I know how happy the team is to obtain this latest milestone for a great Open Source Directory Server in Java. Having worked with Directory Service products over the last 10 years, the release of OpenDS is even more exciting as it represents a next era in directory service products. For those out there looking for a scalable, easy to use and state of the art, you should definitely check it out. The Java platform allows you to install this OpenDS, from the web, in minutes on a multitude of platforms. It runs great on my MacBook.

As a member of the Project OpenPTK, I am equally excited to see a sister Identity Management project obtain this milestone.

Technorati Tags:

OpenPTK Update…

July 9, 2008

Yesterday, Scott, Derrick and I held our Q3 OpenPTK Meeting. The goal was to discuss the final todo’s around the release of OpenPTK version 1.1. You can view the Meeting Minutes to see what we discussed. Some items discussed of particular importance:

Documentation Wiki
Of interest, we’ve been working on a public wiki that we hope to use for documentation of the 1.1 release. The easy link to remember is:

You’ll see that this redirects you to Sun’s Wiki – Project OpenPTK Site. Feel free to bookmark either. Note that the wiki is still under construction. Feel free to submit any comments you feel would make it easier to use.

Downloads, Code, Issues and Project Info
And as always, we are still keeping Downloads, Code, Issue Tracking and Project Info at Sun’s web site. The easy link to get there will continue to be:

Version 1.1 Release
Although we haven’t finalized the actual date of the version 1.1 release, we’d characterize it as being pending. With this release, we’ll provide a Release Notes Guide with the new features to version 1.1. As the date becomes available, we’ll be sure to send an email to the OpenPTK mailing lists or mention it on one of our blogs.

OpenPTK Mailing List
You ask, “How do I get on the mailing list?” Follow these easy steps:

  1. If you have already, Join Us! (You need to create/have a login)
  2. Click on Mailing List to join one of the mailing lists (announce and users are a couple of good ones).

Thanks and keep the comments coming!


Technorati Tags: , ,

SailPoint Hospitality Suite – Burton Group Catalyst ’08

July 1, 2008

Had a little fun with the video that I shot at our SailPoint Hospitality Suite at Burton Catalyst ’08 Conference last week.

Hats off to Melanie and the SailPoint Marketing team for putting together! All the fresh seafood, drinks and demonstrations of SailPoint ComplianceIQ was enjoyed by all.

Technorati Tags: ,

Auditing Privileged User Access

June 26, 2008

You may ask, what is Privileged User Access. An aspect is when a developer has access to root access on a Unix system or Administrator access to an AD Domain. I’m sure that happens often in your shop. Over the years, at past companies, I can’t count how many systems, including production customer systems, that I’ve had root access to. And at a minimum, these weren’t secured with even the most basic open source controls like sudo.

So, I ask, of all your Unix systems or AD domains, when you see someone login as root:

  • Do you know who that person is?
  • Is it someone on your staff?
  • Maybe a vendor or partner?
  • Maybe a competitor?
  • And even if it is a friendly, should they have that access?
  • What controls do you have in place to audit that access?

CloakwareA couple of weeks ago, two leading vendors, Cloakware and SailPoint Technologies, in Privileged User Access and Governance, Risk & Compliance announced a partnership to deliver the industry’s first privileged user audit and compliance management solution.
With this combined solution, you not only get the security of knowing who has access to privileged user accounts, but also the ability to tie Governance, Risk and Compliance around that access.

In other words, my CIO can verify that Terry Sigle has root access to systems A, B and C while my CISO can audit, review activity and provide a role based definition around that access. This closed loop compliance will allow my enterprise to pass the related SOX controls around privileged user access.

I’m currently working on some prototypes around this combined solution and look forward to providing more details. I’d be interested if you have any good stories around privileged user access and how you’ve dealt with audit controls and roles around this.

Technorati Tags: , , , ,

Call for standards…Open Role Exchange

June 24, 2008

This past week, SailPoint Technologies’s CTO, Darran Rolls, submitted an open letter to the community for a discussion and call for standards around the exchange of role models, including items such as:

  • Common Exchange Format
  • Query & Exchange Operations
  • Change Control and Delegated Administration
  • Role Mapping and Resource Referencing
  • Common State Model

And in doing so, a new site was launched:

As Darran mentioned in a recent podcast, Role Interoperability is the next big standardization drive in corporate identity. In my travels and work with customers over the past 18 months, every identity project identifies role proliferation as a major problem across systems. Today, we have so many different provisioning solutions, role management products and enterprise applications all authoring their own definition of a role model. Getting these role models to interoperate with each other is making the CIO/CISO’s job much more difficult. These conflicting models along with the growing requirements for SOX based policy’s make it even more difficult.

Products like SailPoint’s ComplianceIQ and it’s Role Management capabilities provide a solid role model for an entire enterprise. These roles can be shared with leading provisioning solutions and enterprise applications, but at a cost. Every integration is somewhat custom and without a common schema or exchange format, some role model specifics can be lost in translation.

So, I’m looking forward to what the industry can come up with in this open call for standards. I hope that this role exchange format can bring out the best in all products with the ultimate goal of supporting that CIO/CISO’s focus on business roles without concern for each product’s rigid definition of a role model.

As this is an open call, I hope to follow this blog with my own interpretation of the key areas I bulleted above. I welcome any comments or suggestions. I also hope to see you out on the Open Role Exchange forum. My id is terry.

Technorati Tags: , , , ,

See you at Burton Group Catalyst NA ’08

June 2, 2008

I’ll be in San Diego for the Burton Group Catalyst Conference North America 2008. I hope you can join us this year.

Be sure to stop by the SailPoint Hospitality Suite and say hi Wednesday Evening!

Technorati Tags: , ,