IT directors need to consider changes both to business
processes and the management of applications to roll out an
identity management strategy successfully, delegates at last week's
Burton Group Catalyst Conference in Barcelona were
told.
Identity management is a way to tighten access to applications
by associating a user's log in details with their job role. It can
simplify usability, as a single password enables the user to access
all the applications they are authorised to use.
The conference was shown how two multinational companies had
implemented identity management for their end-users.
Robert Rodger, head of group IT security at HSBC, said,
"Identity management is both a business problem and an IT
problem."
With more than 284,000 HSBC staff worldwide, Rodger's goal has
been to simplify access to the bank's IT and support
compliance.
The way he is putting together user identity management is being
driven through the human resources department. The process uses
auto-provisioning and de-provisioning of authentication for users
as they join and leave the company.
To ensure applications support identity management, Rodger said
that the services for identity management needed to be part of the
IT infrastructure. This reduces the need for application developers
to understand the technology.
Instead, identity management becomes a service which application
developers use for user authentication. "The application developer
does not need to know anything [about authentication]. The
infrastructure just works," said Rodger.
The same principles are being used at pharmaceuticals firm
Novartis. Its ongoing identity management project is based on a
standard Java module. This has meant J2EE-compliant applications
did not need modification to support authentication, said Denis
Diodati, global solutions architect at Novartis.
As a result, authentication for applications such as SAP, Ariba
and those based on BEA Weblogic, works out of the box, he said.
Along with making it straightforward for application developers
to use Novartis' authentication service, Diodati has put in place
an application portfolio management process to ensure new
applications comply with the authentication strategy.
Read article: HSBC's IT investment