Identity management (ID management or “IDM”) identifies individuals in an IT system, and controls access to resources by connecting that identity to a combination of user rights and restrictions. Within organizations – either public or private – these identities can be roles-based, as opposed to being identified with a specific function. This is true also for external access to the varying roles played by private sector customers and users of government services.
“In Canada, by and large most firms haven’t taken the time to classify their data,” says Dave Senf, director of Canadian security and software research for IDC. “And it’s really in its infancy for firms to be able to talk to each other in a meaningful way from a user-based perspective.”
It is also early going for simple roles-based IDM within organizations, but that’s about to change, and not just because potential customers get it, or because the vendors are wowing them with revolutionary technology: it is the regulatory and compliance requirements that are largely driving demand.
Francois Daigle, director of professional services for Okiok Inc., a security and authentication software development company in Laval, Que., says that although Canada is in the early stages, larger companies are getting there.
“Most of our large customers are driven by compliance issues. If they are financial firms with U.S. exposure then there is Sarbanes-Oxley (SOX) to think of, and in Canada there is Bill C-198,” says Daigle. “And this can move out of finance and to large retail or pharmaceutical companies.”
Certainly, although the regulatory environment may affect different vertical market sectors in unique ways, those independent software vendors (ISVs) selling into the market see IDM as a cross-industry, horizontal solution.
Idan Shoham, chief technology officer for Calgary-headquarted M-Tech Inc., which publishes a suite of IDM software, agrees that IDM is driven more by scale than industry.
“We typically see customers having about 10,000 and up users,” says Shoham. “But where we do see a bit of variability is in that threshold. For example, companies in heavily regulated industries or with very deep pockets will typically have a lower threshold before this kind of technology makes sense.”
In effect, for some industries the benefits justify the costs. It’s getting easier, too, because companies like M-Tech and Okiok (partnered with Siemens) are adding capabilities all the time, as are some big players, among them IBM (Tivoli), Microsoft, Oracle, Sun (iPlanet), and Novell.
M-Tech’s Shoham points out that a subtle but important industry trend is the desire to rein in deployment costs. Right now, if a company purchases a user provisioning system, they can expect to spend up to 10 times the purchase price on professional services for installation, configuration, testing and roll out.
“That's just crazy,” says Shoham. “The vendor community has to work harder to bring it down.”
This means that for vendors a main focus should be product engineering to find ways for deployment to be faster and easier.
icon.
