Just after we clicked over into the new millennium, I stood with a colleague in front of a group of IT geeks from a Queensland government department and tried to explain what we meant by identity management. “In an ideal world,” we pointed out, “whenever a new user is employed, we would take the details from their personnel record and automatically create the required account on the network so they could log in and access files.”
“In an ideal world,” we continued, “the user would then also automatically get an email account.”
We finished with, “We call this concept Zero Day Start”: the concept that a user could start using IT systems on their first day of work. No more waiting for accounts to be provisioned, no more manual processing.
Our audience nodded wisely. They were technical. They were the people responsible for manually creating users’ accounts and email. They saw the benefits. They wanted the solution.
Maybe we should have pushed harder to get the message in front of the executive managers.
Maybe we should have taken more heed of the fact that the personnel software was not quite ready for us but a temporary solution using the existing file and print network would be a good start.
Maybe I should have changed career…
Fast forward 15 years …
Some weeks ago, I was presenting an Identity, Governance and Administration workshop to the same Queensland government department. This time there were more than just technical staff in the workshop. This time we were all a bit more knowledgeable (or a bit more cynical).
“In an ideal world,” I pointed out, “whenever a new user is on-boarded, we would take their details from their HR record and automatically create the required accounts on the network and in the cloud so that they can authenticate to the systems they need … but this is not an ideal world, so let’s concentrate on the users we can manage and the data we can access and do what we can to make life a little bit easier.”
My audience nodded wisely – they had heard of this stuff before. Some of it was even in place. But they no longer expected to see “Zero Day Start”. Now they were just happy to see an automated approach to user provisioning, fewer manual processes and a better chance that the data stored for a user will be consistent across the connected systems.
Been there, done that, got the T-shirt
The landscape has changed dramatically in the last 15 years: social networking (MySpace, Facebook, LinkedIn, Twitter), the advent of the smartphone and the general expectation that people can access everything, from anywhere, at any time. The problems faced by Identity Management (or IGA or IAM or whichever acronym is currently in favour) remain the same.
We still need a trustworthy source of authoritative data. Those data still need to cover all users – staff, contractors, temporary and casual workers. With the growing threat from identity theft, it is more important than ever that we ensure those data are managed securely, that privacy is maintained and that evidence of identity is assured before granting users access to systems.
We also have new challenges – the need to federate identities between different organisations, the growing requirement to move infrastructure and services away from the traditional data centres and into the cloud, and the growing awareness in the corporate user base of the importance of data security and integrity.
Are we ready, as an industry, to face these challenges? I think we are, helped no doubt by the fact that what was a relatively new industry 15 years ago is now maturing, that there are many more practitioners with years of relevant experience and that the technology required is constantly evolving.
Will I find myself, in another 15 years’ time, standing in front of a workshop and saying “In an ideal world …”? Who knows, but I do hope not.