Microsoft Updates Identity and Security Apps
Identity and security might sound like topics to discuss with a therapist,
but at Microsoft they're key components in a burgeoning product line. Redmond
this week announced that it's adding some capabilities to a couple of identity
and security applications.
First off, there's Identity Lifecycle Manager, which combines identification
management and certificate management -- sort of the chocolate and peanut butter
of security, as we once
called them, much to the amusement, apparently, of some folks in Redmond.
Anyway, ILM2 -- the "2" part is just a code name for now -- is
in release-candidate mode as of this week. Scheduled for general availability
in the first half of 2009, ILM2 will include a nifty integration with Microsoft
Office that will expand ID and certificate capabilities outside the bounds of
IT to regular folks.
For example, a "knowledge worker" (as in a non-IT person, as if IT
people have no knowledge) will be able to grant or deny an employee permission
to use a network or application via, say, an automatically generated e-mail
in Outlook. In other words, an IT person won't have to do it -- a non-IT manager
will have simple, Office-based control over who gets to do what, and IT will
have control in turn over what the manager gets to do.
"One of the greatest security risks enterprises have is loss of identity,"
John Chirapurath, director of marketing for the Identity and Security Division
at Microsoft, told RCPU in a phone chat late last week. "When somebody
leaves an organization, how does IT know? It's really the knowledge worker who
knows."
There's a customization opportunity there for the channel, Chirapurath, better
known as J.G., said. "ISVs can expand and extend our solution," he
said. "At the same time, there is also a very powerful services story.
Partners can look at the problem of identity management in a holistic fashion
and design the right processes and self-service capabilities so you do identity
management right from day one."
Microsoft's also updating another product, Intelligent Application Gateway,
with Service Pack 2 for the application. "ILM is really all about identity
and certificate management and self service," J.G. said. "IAG is about
using those identities and governing access."
IAG SP2 adds virtualization to the mix, as it'll run as a virtual machine on
Microsoft's Hyper-V hypervisor. It'll also grant partial access to certain applications,
alleviating the "all-or-nothing" nature of access that exists today,
J.G. said.
"Today, access is all or nothing," J.G. (and yes, we like calling
him that) said. "It becomes a very complex problem because either you have
to give [users] all access or no access [to an application]. IAG provides intelligence
to that access -- very fine-grained access." A customer could, for instance,
access an order-fulfillment part of an application but nothing else, J.G. said.
With SP2, IAG will also support Firefox, as well as Linux and the Mac OS. "Access
is not a Microsoft-centric problem," J.G. said. With IAG SP2, hopefully
it won't be a problem at all -- or certainly not one worth talking to a therapist
about.
Posted by Lee Pender on November 04, 2008