i’ve been spending a lot of time with prospects and clients. every one of these meetings is set up to talk about identity lifecycle and authN. but every single one ends up in a discussion about authZ. friday afternoon i sat in one of the nicer buildings in uptown manhattan and we were talking to a big media company. we were talking about their homegrown websso solution and how quest may be able to offer them something more robust. i mentioned that our product could also do some basic authZ work and the lead on the project said “if you want to talk about authorization we’ll need two more hours”. i scratched at the surface a little bit, but we only had 20 more minutes for that meeting. “everyone is challenged with this right now if they have even a slightly complex shop” the customer was very clear to state.
certainly, authZ is a big topic. Gartner’s last IAM conference made it clear that getting an authZ strategy in line is the next big task for a well run IT shop. MSFT is ready to take a fresh run at the issue in Geneva with a better chance of success (MSDN Blogs). there are some really cool players in the space like Bitkoo. and there are some really big companies taking the plunge through acquiring, the biggest being the Cisco + Securent take down. but there seems to be a big break in the types of companies i see actively looking into this. it’s the smallest of the big and the biggest of the small. shops that, not coincidentally, have the right kind of budget and the right level of complexity to be far enough along in a maturity cycle that this can edge it’s way out to the front as a real project. but project or not, everyone wants to talk about it. it will be interesting to watch it all play out.
About the Identity Sander
- Buh-bye SHA1. Nice knowing you: Announcing the first SHA1 collision security.googleblog.com/2017/02/announ… via @googleresearch #security #encryption:: 6 days ago
- Physician, heal thyself: @RSAConference WiFi Users Under Attack mobile.esecurityplanet.com/hackers/rsa-co… via @eSecurityP #security #fail:: 1 week ago
- The #security case for #password managers. youtu.be/xHSnHj-zKF4 via @voxdotcom #IAM:: 1 week ago
- Report from @the_brc shows giant shift in retail's focus from theft to #cybercrime as a #threat:… twitter.com/i/web/status/8…:: 3 weeks ago
- The collision of #security and #math geekery - @numberphile covers RSA-129 youtu.be/YQw124CtvO0 #cryptography:: 3 weeks ago
- What does pleading the 5th mean in the age of #IoT? - pacemaker data used in insurance fraud case networkworld.com/article/316274… #security #IAM:: 3 weeks ago
- RT @katherinert15: Why Security Managers are Failing at Password Security bit.ly/2kLB8Ln w? @sanderiam @mubix #passwords:: 1 month ago
- Hope it's more than hype: Bosch, Cisco, Gemalto and More: Tech Giants Team Up For #Blockchain #ioTsecurity bit.ly/2ktrgGv #security:: 1 month ago