i’ve been spending a lot of time with prospects and clients. every one of these meetings is set up to talk about identity lifecycle and authN. but every single one ends up in a discussion about authZ. friday afternoon i sat in one of the nicer buildings in uptown manhattan and we were talking to a big media company. we were talking about their homegrown websso solution and how quest may be able to offer them something more robust. i mentioned that our product could also do some basic authZ work and the lead on the project said “if you want to talk about authorization we’ll need two more hours”. i scratched at the surface a little bit, but we only had 20 more minutes for that meeting. “everyone is challenged with this right now if they have even a slightly complex shop” the customer was very clear to state.
certainly, authZ is a big topic. Gartner’s last IAM conference made it clear that getting an authZ strategy in line is the next big task for a well run IT shop. MSFT is ready to take a fresh run at the issue in Geneva with a better chance of success (MSDN Blogs). there are some really cool players in the space like Bitkoo. and there are some really big companies taking the plunge through acquiring, the biggest being the Cisco + Securent take down. but there seems to be a big break in the types of companies i see actively looking into this. it’s the smallest of the big and the biggest of the small. shops that, not coincidentally, have the right kind of budget and the right level of complexity to be far enough along in a maturity cycle that this can edge it’s way out to the front as a real project. but project or not, everyone wants to talk about it. it will be interesting to watch it all play out.
Saturday, March 14, 2009
authZ everywhere
Labels:
authentication,
authn,
authorisation,
authorization,
authz,
bitkoo,
cisco,
gartner,
geneva,
iam,
identity,
securent,
websso,
webthority
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment