Security and privacy issues are increasing, with crosswinds coming from stricter regulatory environments, as well as an understanding that each new technological enablement introduces the potential both for increased risk as well as enhanced security. This is where roles-based ID management comes into play, as it can offer organizations an umbrella approach to securing their entire infrastructure. It will certainly be big news in 2008, but don’t expect the majority of Canadian organizations to get it all done so fast.
“There are many vendors with their own technologies,” says Dave Senf, director of Canadian security and software research at IDC in Toronto. “The goal is cross-vendor and cross-platform for identity and access software. It shouldn’t be done in isolation, and although there have been efforts to get agreements among vendors, it is a slow process.”
2008 will see roles-based ID management discussed in a broader perspective. This is not only about internal company access, but also about organizations communicating to each other securely. The first big step, which isn’t a lot of fun and will be a major focus in the coming year, is for companies to classify data in support of a roles-based system.
The field is crowded, and the number of vendors with deep account relationships and some form of roles-based solution suggests that there will be a big push in 2008. Companies such as Computer Associates, Novell, IBM, HP, Sun, EMC/RSA, Microsoft, Citrix, and Calgary-based M-Tech are all in the game.
Services will also be driving this story in 2008. Vendors talk about software as part of an overall solution, but integration requirements, and the money that is made there, will mean that third party SIs and consulting firms will be talking up roles-based ID management in 2008.
TRENDS TO WATCH IN 2008