'IdM solutions have become a must have for enterprises'

BANGALORE, INDIA: Identity and Access Management (IdM) market is one of the fastest growing, as indicated by industry analysts. According to the Radicati Group, the IdM market, with all of its segments, will grow to over $8.5 billion by 2008.

Persistent Systems has been very active in the Identity Access Management space for some time now and company’s service offering Identityware that enables Independent software/product vendors to interoperate with the Identity Access management is gaining traction among enterprises.

In an interaction with Idhries Ahmad of CIOL, Sameer Karmarkar,  Product Manager, Identity Aware, Persistent Systems, talks about the concept and technologies involved in Identity Access Management and IdM market globally with special reference to India.

“IdM solution is a must have for enterprises for it not only secures the enterprise but also enables enterprises to adhere to regulations, bring in accountability and auditability”, says Sameer.

He and Muneer Taskar, Director Sales, Persistent Systems, Inc also gives a insight into the security preparedness in Indian enterprises and also have a word or two for CIOs as to how to justify their investment in Identity Access management.

CIOL: How does one define the concept of Identity Access Management?

Sameer Karmarkar: Very simply put, Identity Access Management is an integrated system of business processes, policies and technologies that enable organizations to facilitate and control their users' access to critical online applications and resources — while protecting confidential personal and business information from unauthorized users.

It represents a category of interrelated solutions that are employed to administer user authentication, access rights, access restrictions, account profiles, passwords, and other attributes supportive of users' roles/profiles on one or more applications or systems.

CIOL: How do you see the market for Enterprise Identity Access Management globally with special reference to India? Are Indian enterprises waking up Identity Access Management?

Sameer Karmarkar: Globally as well as in India, digital technology is changing the relationship between businesses and their customers, and it will transform the roles of individual workers. The ability of an organization to adapt to this changing business landscape, in part depends on the capacity and flexibility of its digital processes. Its computing infrastructure must be designed to help its users spot competitive threats and opportunities, and quickly organize responses.

Identity information is usually distributed in multiple systems throughout an organization and Enterprise identity management represents the vision that digital identity data, which when distributed, is highly interrelated and requires a holistic approach to management.

Indian companies have also started deploying Identity management solutions as it helps them protect their core business assets and/or facilitates in securely conducting business with their customers, partners.

CIOL: In US, there has already been significant investment by enterprises in Identity and Access Management till date. What would you say are the current drivers for enterprises in a mature IdM market?

Muneer Taskar: As you point out, most US enterprises have implemented identity management systems and have taken steps to provide secure access to individual applications based on those identities. The primary challenge for them now and into the future will be to ensure the same security across increasingly heterogeneous IT environments.

CIOL: By heterogeneous, do you mean the large number of different applications and services in today’s enterprises?

Muneer Taskar: Yes, however, it is also about the numerous sources of identity data that these services and applications work with. The Holy Grail is a single authoritative source of all identity data within the enterprise including authentication credentials (username/password), authorization information (roles, entitlements, group memberships etc) and profile attributes.

However, enterprises today have fragmented data environments, with identities scattered across different, often incompatible, ‘silos’ of information. Moreover, migrating and merging identity data from these fragmented data environments into a single system, if even possible, is a complex, error-prone and expensive process.

CIOL: So what’s the answer?

MT: Just like identity management moved from single directory workflow systems to broader enterprise-wide provisioning systems and access management moved from single-sign-on to broader federated access systems, there is a need for underlying identity data sources to move to an ‘identity-integration layer’. This integration layer will seamlessly encompass all silos of identity data within an enterprise, thus fully leveraging existing investments and eliminating the cost and risk associated with data migration.

CIOL: Does this mean enterprise software vendors will move in this direction to meet this need?

MT: Yes, they already are. The consolidation in the IAM space demonstrates this trend.  Large vendors like Oracle, and more recently SAP, have acquired companies to make this technology a part of their stack. We offer the same benefits to other software vendors through OEM relationships and partner programs. The also exists a significant stand-alone identity integration need in enterprises for vendors like Persistent Systems to address.

CIOL:Does Identity Management solution make sense for SMB's or emerging enterprises?

Sameer Karmarkar: Even for an SMB, or emerging enterprise, Identity Access Management plays a critical role as the threat to data protection is very real for enterprises across. An identity management system is not a monolithic solution that needs to be deployed with a big bang approach.

Enterprises can start small and have a roadmap that deploys more blocks as their needs progress. Each of the blocks would typically be planned at the corporate level but implemented at a granular level of a department or user group. And it is not even necessary that all departments implement all of it before you get to see advantages at the enterprise level.

Your chosen implementation partner should be able to explain the advantages accrued at each stage of implementation. The advantage is, when it is done right, the smallest step can yield significant benefits in improved security, productivity, user experience and reduced administrative costs, which is the most important benefits because analysts estimate that deploying IdM can save companies about $5 to $14 per user, depending on the complexity of the IT environment.

CIOL:  What are the drivers and challenges for deployment of Enterprise Identity Access Management?

Sameer Karmarkar: Numerous factors are boosting IT spend on IdM - such as ever-increasing costs of maintenance of systems and administering users, complexity of heterogeneous environments, business functionalities and IT management in general.

And then there are compliance issues such as Sarbanes-Oxley, HIPAA, RBI Guidelines, BASEL II and EU Data privacy acts, among others. There are also business demands for interaction with external businesses such as partners, channels, suppliers, and integrating other entities/systems obtained through mergers and acquisitions.

The West has grown to the fact of the imperativeness of implementing IdM in enterprises. This is now being replicated in the India and Asia-Pacific regions.  Adding to the complexity is the fact that companies today are present in, and doing business across regions.

With a spate of security breaches, identity theft is also topping the minds of businesses as criminals hack into corporate networks. The breaches cost companies and individuals billions of dollars each year. Moreover, companies have to cater to standards, requirements and regulations that depend on their domain and region of operation. An IdM solution besides, securing the enterprise, also enables them to adhere to these regulations, bring in accountability and auditability.

CIOL: What are the major trends you see in Enterprise Identity Access Management space?

Sameer Karmarkar: The key long-term play for the industry is federated identity. Federated Identity is a system that allows individuals to use the same user name, password or other personal identification to sign on to the networks of more than one enterprise in order to conduct transactions.

The lure of centrally managed authentication and centralized access to resources across multiple network domains, including those of business partners and customers, is obvious. Unfortunately, this technology is still immature and federation remains somewhere on the horizon for most customers, although successful implementations have already begun appearing in the telecom industry and other verticals.

Over time, vendors will have to invest heavily in developing best practices and procedures for key industries before customers will be convinced that federation is worth the effort, or indeed is even feasible.

Over the long term, SOA may prove to be the ultimate driver of identity technologies, as identity management and service orchestration dovetail into a single infrastructure management discipline. For now, however, sustained growth will be the theme throughout 2007. Identity management is still in its early phases in India, but it's never too soon to get on board, because big things are ahead.