Enterprise Provisioning vs. Federated Provisioning

The differences/similarities between Enterprise Provisioning and Federated Provisioning Security: Identity Management Alert NetworkWorld.com | Security Research Center | Update Your Profile Sponsored by Dell Dell Latitude Mainstream E6400 & E6500 Featuring dramatic innovations in performance, durability and security, Dell Latitude Mainstream laptops provide exception productivity and a low TCO Spotlight Story Enterprise Provisioning vs. Federated Provisioning By Dave Kearns When last we spoke I left you thinking about deprovisioning both your people from apps you don't control or your apps from people you don't control. It's a big issue with software-as-a-service (SaaS) and federated provisioning. It was the Burton Group's Ian Glazer who said: "...there should be no reason why deprovsioning from an application like Salesforce.com is any harder than deprovisioning from LDAP." And, in truth, maybe it isn't. Read full story Dave Kearns is a consultant and editor of IdM, the Journal of Identity Management. Related News: Provisioning and federation Federated provisioning is the topic, and the raging dispute about its pros and cons is today's subject. It started with the comment by Daniel Wakeman (CIO, Educational Testing Service), who said "It's a 'huge shortcoming' that SaaS [Software-as-a-Service] vendors do not embrace 'federated identity management' standards allowing centralized identification and validation of users via a single sign-on process..." The promise of provisioning Way back in the dark ages, 10 whole years ago, I first wrote about provisioning as the "killer app" for Identity Management. Actually, I called it the killer app for directory services, since the identity management tag hadn't yet been promulgated. In a piece I wrote for Novell's Web site (now, sadly, no longer available), I touted Business Layer's eProvision Employee application and talked about what was to come. Sometimes prognosticators are wrong. E-provisioning's dirty little secret It was just four years ago, that I was strolling through "Start-up City" at NetWorld+Interop Atlanta in 1999 and stumbled across a new company, Business Layers, touting a brand new application called "eProvision Employee." I was intrigued, and I had a few minutes to kill. I fell in love. Here was the application that could finally bring directory services and identity management into the mainstream. Provisioning/de-provisioning in the education sector I'm at the Catalyst Conference in San Diego this week - say "Hi!" if you see me wondering the halls - but the news from the show will have to wait until next week's newsletters. Today I want to finish something I touched on recently - provisioning/de-provisioning in the education sector. Provisioning/deprovisioning problematic for a third of organizations Every time we think we've finally gotten a handle on the user provisioning/deprovisioning issue something comes along to disabuse us of that notion. In this case it's the results of a survey of attendees at last spring's Directory Experts Conference (DEC) put on by NetPro. Novell aquisition bolsters ID governance portfolio Novell has quietly bolstered its ID governance portfolio after acquiring the technology assets of a tiny British company and signing a 'perpetual' licensing deal with California-based ActivIdentity. Proposed Law Saves Internet User Data In the most recent effort to thwart child predators online, both the U.S. House and Senate are considering bills that would require any Internet access provider -- possibly including public Wi-Fi hotspots -- to retain Internet user data for up to two years. Recession Makes IAM More Important Than Ever Any economic downturn brings new risks to your organization. Nervous employees who fear downsizing may be tempted to gain unauthorized access to sensitive information stored across applications while temporary workers are less loyal and identity verification processes for full-time employees may not be used, making your organization more susceptible. Hackers steal thousands of Wyndham credit card numbers Hackers broke into a computer at Wyndham Hotels and Resorts last July and stole tens of thousands of customer credit card numbers, the hotel chain warns. Obama’s Electronic Health Records initiative could usher in a new wave of ID theft With the stimulus bill all but signed it looks like the government will be handing out $19 billion in an effort to digitize America’s health record system. The problem is we have a noble goal but no plan or direction on how it should be accomplished. The stated goal, which has garnered substantial support, is to build a National Electronic Health Records (EHR) system. But the plan or direction on how to get us there is completely missing from the stimulus bill. Who goes there? Identity management is all about who you are and what you should be allowed to do. This Product Guide describes the technology and how it works. February giveaways from Cisco Subnet and Microsoft Subnet Up for grabs: One American Express gift card worth $250 from Global Knowledge; One Microsoft training course worth $2,995 from Global Knowledge; 15 copies each of the hot book titles Voice over IP Security, and CCNA Wireless Official Exam Certification Guide and 15 copies of Exchange Server 2007 How-To: Real Solutions for Exchange Server 2007 SP1 Administrators. Get all the entry details here. Tweet to compete Smart social networking has become essential for most IT execs. 2009 MWC highlights Mobile World Congress: Cool gadgets and hot new tech from the world's largest exhibition for the mobile industry. Sponsored by Dell Dell Latitude Mainstream E6400 & E6500 Featuring dramatic innovations in performance, durability and security, Dell Latitude Mainstream laptops provide exception productivity and a low TCO Preparing for the Next Cyber Attack. Ensure you are up-to-speed on the latest security technologies available to keep your network safe. Get a thorough assessment of the corporate security threat landscape. Protect your network with data leakage protection, NAC and other technologies. Download this Executive Guide now. The Power of LAN Test Tools. Successfully deploy a wired/wireless Ethernet network and keep it running with exceptional up-time. Ensure your network is ready for new technologies by running assessment tests that provide you with the data you need. Resolve connectivity issues and quickly address network performance complaints. Get all of the details today. Download this whitepaper now.   02/23/09 Today's most-read stories: Want to close your LendingTree account? Sorry, no can do Forget the Oscars: Sit back for the 404 Awards Security researcher Kaminsky pushes DNS patching HP cuts pay, benefits after poor financials Conflicker worm gets an evil twin Stimulus bill aims for 'national broadband plan' The ultimate browser security face-off Kanye West designed X-rated Mario-like video game 9 dirty tricks: Social engineers' favorite pick-up lines JTAG Hacking Product Guides Get side-by-side product comparisons, buying tips, market trend information, case studies and more with Network World's Patch Management Product Guide. Visit now Compare products, get advice, and check out tests and reviews from the experts at Network World. Over 70 categories. Visit now   This email was sent to security.world@gmail.com Complimentary Subscriptions Available for newsletter subscribers. Receive 50 issues of Network World Magazines, in print or electronic format, free of charge, Apply here. Terms of Service/Privacy   Subscription Services Update your profile To subscribe or unsubscribe to any Network World newsletter, change your e-mail address or contact us, click here. Unsubscribe Network World, Inc., 492 Old Connecticut Path, Framingham, MA 01701 Copyright Network World, Inc., 2009 www.networkworld.com