Untitled Document

Security: Identity Management

Network World's Security: Identity Management Newsletter, 11/07/07

Surveying the GRC landscape

By Dave Kearns

Governance, Risk and Compliance (GRC) Management is fast becoming the No. 1 topic of conversation in the enterprise identity field. Among the leaders in the space is San Jose’s Agiliance and I had the opportunity last week to chat with their new Vice President of Marketing, Patrick Kerans.

Kerans came to Agiliance from Counterpane Internet Security (now BT Counterpane), Bruce Schneier’s well-respected managed security company. He’s no stranger to the world of securing digital assets. And that’s generally how you can describe the GRC space – managing the organization’s digital assets in such a way that business gets done, regulations are complied with, and nothing that should be kept private is revealed.

Webcast: Get the latest on NAC

Learn the latest on Network Access Control in Network World's Perspectives Editorial Webcast. Discover how IT professionals can leverage this hot security technology in their networks, while also learning about key management areas that have not yet been perfected.

To learn more click here.

Kerans was on the phone to let me know about the upcoming release of Agiliance IT-GRC 3.0. Well, “upcoming” at the time, but shipping now. He differentiated Agiliance’s offering from it’s competitors by talking about the new Enterprise Risk Management (ERM) module that enables organizations to model risk scenarios that encompass operational risks as well as traditional financial risks.

In words only a Marketing VP could utter, he said: “By pulling opinions from multiple stakeholders via Web-based surveys and workshops, across multiple divisions and geographies, and integrated with automated IT risk data from underlying infrastructure, Agiliance IT-GRC 3.0 provides the holistic view and feature set required to implement effective Enterprise Risk Management programs.” That is, the service doesn’t rely on pre-packed data, or “sniffed and analyzed” packets but also actually involves the people who know the organization best to help design the GRC model that, in the end, is implemented.

It’s an interesting approach that requires the involvement of the business side of your organization. It might not be right for everyone, but if it is a good fit for you, then it will be a very good fit.

There’s a whole lot more to the product, of course, much more than we can review here so you’ll have to do that on your own. But it won’t be time wasted.

Free downloads, as noted :

* “Surviving an Identity Audit” a white paper by NetVision’s Matt Flynn
* “Federation Server vs. Open Source Toolkit” a White paper from Ping Identity
* “A Guide to Active Directory Replication” Author & teacher Laura E. Hunter’s step by step approach

Article

Editor's note: Starting Monday, Nov, 12, this newsletter will be renamed "Security: Identity Management Alert." Subscribers to the HTML version of this newsletter will notice some enhancements that will provide you with access to more resources relevant to identity management. You will still receive Dave Kearns' analysis of this market, which you will be able to read in its entirety online at NetworkWorld.com, along with links to relevant news headlines of the day. We hope you enjoy the enhancements and we thank you for reading Network World newsletters.

What do you think?
Post a comment on this newsletter

Contact the author:

Dave Kearns is the editor of IdM, the Journal of Identity Management as well as a consultant to both vendors and users of IdM technologies. He's written a number of books including the (sadly) now out of print "Complete Guide to eDirectory." His other musings can be found at the Virtual Quill, an Internet publisher which provides content services to network vendors: books, manuals, white papers, lectures and seminars, marketing, technical marketing and support documents. Virtual Quill provides "words to sell by..." Find out more by e-mail. Comments to this newsletter can be e-mailed to Dave here.

This newsletter sponsored by Courion Corporation

Webinar: Role Management & Provisioning
Register now for a live webinar November 8 featuring best practices you can utilize when implementing your identity management strategy. Learn how Courion customers have deployed automated provisioning and role lifecycle management to deliver operational efficiency, improved productivity and the ability to demonstrate policy and regulatory compliance in their organizations.

Archive of the Security: Identity Management Newsletter.

BONUS FEATURE

90% of IT Managers are leaving their company at risk for a DNS ATTACK. Get the tools and resources you need to keep your DNS healthy and secure. Run a DNSreport on your domain today - 56 critical tests run in 8 seconds.

Visit www.dnsreport.com to learn more. (apply coupon NWW2007NLA for a 25% membership discount)

PRINT SUBSCRIPTIONS AVAILABLE
You've got the technology snapshot of your choice delivered to your inbox each day. Extend your knowledge with a print subscription to the Network World newsweekly, Apply here today.

International subscribers, click here.

SUBSCRIPTION SERVICES

To subscribe or unsubscribe to any Network World newsletter, change your e-mail address or contact us, click here.

Advertising information: Write to Associate Publisher Online Susan Cardoza
Network World, Inc., 118 Turnpike Road, Southborough, MA 01772
Copyright Network World, Inc., 2007