At its annual Brainshare user conference last month, Novell Corp. announced two new architectures around identity management, a topic that one Canadian attendee says is currently one of the enterprise’s biggest pain points.
Brad Holub, CIO of Toronto-based Sherritt International Corp., attended the event in Salt Lake City, where he had a chance to hear keynotes on the topic from Novell executives and talk to the vendor about identity management solutions.
Sherritt, a diversified resource company that produces thermal coal, nickel, cobalt, oil and electricity, is in the middle of rolling out Novell’s NSure identity management product as part of an IBM Websphere portal project.
The project will take up the rest of the year, he said. Other than its Toronto headquarters, Sherritt has business units in Calgary — Holub’s home base — as well as in Fort Saskatchewan, Alta. Each business unit has traditionally operated as an individual entity, making it difficult to control information access, he said.
Regulatory compliance has also pushed Sherritt in the direction of identity, he added. The corporation has 50-per-cent ownership of Luscar Ltd., the largest producer of low-sulphur thermal coal in Canada. Since Luscar is traded on the New York Stock Exchange, it must be Sarbanes-Oxley compliant, which impacts the way Sherritt must keep track of employee identities, roles and access to company resources.
Without an identity management solution, “having the handle on who has the rights to what, and who has the right access to the right information,” would be difficult, he said. The same message took centre stage at Brainshare. The vendor announced the two new architectures, dubbed Identity Services Foundation (ISF) and Application Services Foundation (ASF), available as a set of modular software development kits (SDKs) for Novell’s hardware and software partners.
The kits will include an integrated security and application services stack combining open source technology and commercially supported software. Developers will be able to build and deploy open source-based solutions that provide a customized, aggregated view of identity information from different sources, according to Novell. Technology and common services from ISF and ASF will be included in Novell products, as well as partner products.
In his opening keynote at the event, Novell’s CEO Jack Messman said the introduction of the ISF and ASF SDKs is part of the overall identity management strategy Novell has been refining over the last year.
“Security challenges are becoming more complex, which has [led] us to look beyond what security is,” particularly in the identity realm, he said. “Currently managing the what, who and how [of company resource and information access and use] is a messy situation. Every business has different policies about who has access to what. IT [works] very hard just to deliver basic access to users.”
Despite the effort, he said, the system often collapses when confronted with major changes — such as when an employee leaves and IT cancels his or her access to company e-mail and other information; or when an enterprise introduces a new application that only certain employees are supposed to access.
The goal of Novell’s identity strategy is to “enable organizations to design systems that flexibly adapt to the needs of the business,” Messman said. He said Novell envisions identity as managed through a set of roles and policies that enable process and context automation and “adds intelligence to every part of the IT infrastructure,” by measuring who has access to what, and how, he said.
This is a good time for Novell to concentrate on identity-driven computing, given the “perfect storm” IT departments face when it comes to managing people, applications and resources, added David Litwack, senior vice-president and general manager for Novell’s identity-driven products group.
He said a combination of factors is creating a “volatile time” in the identity management space: enterprises are adding new devices for employees to use and fragmented systems often don’t play well together. This makes it tougher to get a single view of an employee’s identity and role.
To encourage the growth of identity-driven systems, Novell is focusing on three target areas: identity access management, where access to company resources is automated, based on policies and people’s roles; the delivery of applications in personalized ways to individuals based on their role within the company; and resource management, which would allow appropriate company resources to be delivered to the right people and track which employee is using which resources, Litwack said.
Quick Link: 052286