The Problems With Identity & Access Management
I am never a fan of being the bearer of dramatic bad news - "this industry is dead!", "that standard is dead!", "why are you doing it that way, that is so 2001!". Processes, industries and technologies appear, evolve and sometimes disappear at their own natural flow. If a particular problem and the numerous solutions are under discussion, it probably means at some point, those solutions seemed viable. Hindsight is a wonderful thing. With respect to identity and access management, I have seen the area evolve quite rapidly in the last 10 years, pretty much the same way as the database market, the antivirus market, the business intelligence market, the GRC market and so on. They have all changed. Whether for the better or worse, is open for discussion, but in my opinion that is an irrelevant discussion, as that is the market which exists today. You either respond to it, or remove yourself from it.
This week saw the first European Open Identity Summit hosted by identity management vendor ForgeRock . Following hot on the heels of the US summit, that was in Pacific Grove, California in June, the sold out European event, brought together customers, partners, vendors and analysts from the likes of Salesforce, Deloitte, Forrester and Kuppinger Cole amongst others.
Whilst the weather was typically October-esque, the venue was typically French chateau, set in panoramic grounds, with great hosting, food and wine to keep everyone in a relaxed mood.
The agenda brought together the key themes of the modern identity era, such as standards adoption (XACML, SAML2, OAuth2, OpenID Connect, SCIM), modern implementation approaches (JSON, API, REST) through to the vision for modern identity enablement for areas such as mobile and adaptive authentication, all whilst allowing customers and partners a chance to collaborate and swap war stories with some great networking.