Cisco has announced it has agreed to acquire Securent. First, of congrats to my friends there. Well done. Second, I have to wonder about this one. It makes a form of sense to integrate Securent into SONA. That makes sense… at some point. I wonder how baked the addressable market is for fine-grained authorization capabilities managed from the network through the application stack. Abstracting routing tables to business processes and objects is definitely an interesting one, but when does it really transition from an interesting academic exercise into a Cisco-sized market? Third, Andras Cser over at Forrester writes:

I love customer deployment stories. I especially love hearing about vendors deploying their own products. In this case, Sun and Deloitte were talking about deploying Sun Identity Manager internally at Sun. They covered the usual tips for a successful deployment:

• Involve the business
• Planning makes all the difference
• Don’t bite off more than you can chew

Pretty standard stuff that always bear repeating. There were some very interesting other observations:

It’s day one of Digital ID World 2007. This is my third or fourth trip to DIDW. This ever-growing event always impresses with the level and quality of conversation. During the keynotes this morning, I got a glimpse of something small and to me something quite telling. I saw Phil Becker and Eric Norlin, the brains and brawn (I’ll let you figure out which one is which), sitting on the floor off to the side of the packed meeting room. These guys have always put the emphasis on hearing real world deployment stories and in doing so have always elevated their audiences to active participants. To see the heads of the conference sitting on the floor to allow more attendees to have a place to sit is, to me at least, a sign of their character - totally legit.

The final installment of my series on compliant provisioning is up on Audit Trail. For those of you headed to Digital ID World, let me know and we can catch up. (I’m looking at you members of the Mark MacAuley supper club.)

Part two of my three part series on Audit Trail.

The deal is done. To Ed, Volker, and all my friends over at Bridgestream - a hearty congratulations. I have to figure that people are going to start clamoring about market consolidation in the ERM space and it will reach a climax at Digital ID World just a few weeks away. Anyone want to through a prediction of who the next ERM company to get acquired will be? So Ron Rymon of Eurekify threw it out there:

If the 451 Group got it right (as reported in this Dark Reading article), then the bar has just been set for Enterprise Role Management buyout deals. $35 million. $35 million? I can’t tell if that number is high or low. Let’s consider than Access360 and Waveset had estimated price tags of roughly $100 million. Are we to imply that role management market should be sized at roughly a third of the overall provisioning market? That I doubt. The question that I am pondering is - who in the company derives the most value from an ERM deployment? HR? IT operations? IT ops derives value from role mining as it deploys user provisioning. HR can definitely get something out of top-down role lifecycle functions. But in both cases, to unlock that derived value, the company needs another technology to act as a proxy for role technologies. It is hard to derive the value of role mining without a user provisioning system. It is hard to derive value from top-down role lifecycle management without… an HR system. And maybe that’s it. If this is true, and Oracle bought Bridgestream, then Oracle’s strategy is a three staged one. First, augment Oracle Identity Manager with traditional role management and mining functions. Provide strong capabilities to tie business roles to IT roles. Provide role mining capabilities. Second, use Bridgestream’s enterprise/business role capabilities to augment Oracle’s numerous HR systems. PeopleSoft HR + Bridgestream = a very interesting combination. Third, continue to make good on the promise of tying ERP to IdM. If Fusion HR could publish dynamic business definitions (containing roles and organization structures) that OIM could tap, then Oracle customers would be well on their way to becoming more governable organizations. Let’s see if after Labor Day there is any truth to this rumor.

Part one of my thee part series over at Audit Trail on the challenges of provisioning complex, core business systems.

So Mark thinks that I am the first person to take the “when I was you age…” approach to describing user provisioning. He might be right.

I have a bad habit. (Well, there’s a lot of those, but we don’t have time for that.) I tend to come up with really great explanations for things and a) forget to write them down and b) forget what I said in the first place. The same thing tends to happen when I write a blog entry or whitepaper… I go back and look at it and think “Wow! How did I ever come up with that?” Recently, I came up with an easy to follow explanation of user provisioning. This time, for once, someone actually captured it so I can reuse it. And better still, it was videotaped: [Introduction to Identity Management and User Provisioning](Introduction to Identity Management and User Provisioning) via Approva’s Audit Trail