Archive for the 'IDM' Category


New Job

For the last few years, my employer has been working on a project for system-wide — dare I say “enterprise”? — identity and access management. As I have more than a casual interest in digital identity and identity management, I’ve been watching the project out of the corner of my eye. For the past year or so it’s been increasingly clear that progress is being made and they will release something valuable to the organization and ultimately to our students. One of the important activities this year is to hire staff to work on the project. They posted positions, and a few weeks ago I joined the team.

So what will I be doing? According to the position description, my first responsibility “is to be the senior IAM technical security engineer involved in the design, development, and implementation of MnSCU’s enterprise, multi-campus IAM system.” I will also have “primary responsibility for the daily support of MnSCU’s enterprise IAM system – including the development, QA, and production environments.”

Holy frell, what have I taken on?

If you look at an org chart — which does not show the exceptional people from other groups that participate in the project team — I’ll be the developer on a team consisting of an architect, a business analyst, and a developer. But on such a small team, being a developer means more than just writing code. I need a broad and deep grasp of everything we do, from requirements through to the hardware. It also means day-to-day support of our software and a rapidly growing user base.

It means I’m really damn busy.

After years of being underchallenged, I am at last facing a serious challenge, trying to make sense of all the work that’s been done — in the past year especially — while still trying to contribute in a meaningful way. I am being pushed, and to be honest, I feel a wee bit overwhelmed. Every now and then the scale of what we’re trying to do hits me, and the feeling that I am up to my eyeballs in work is replaced by the sense that I am so far underwater it’s not even funny.

I’m loving it. And I’m hoping that my coworkers won’t strangle me too soon.


Sun IDM Podcasts on OpenSSO and OpenID

It’s time I started wrapping my head around identity management again. Of immediate interest are OpenID and OpenSSO. I’ve been watching OpenID develop out of the corner of my eye, but not paying careful attention. It’s time. The buzz level has gotten too high to ignore, and despite concerns about its limitations, it’s clear that OpenID is going to be a player. I’m particularly interested in how OpenID can work as part of a larger strategy, doing its work in scenarios where it fits nicely (e.g. simple authentication), turning to more heavyweight SAML et al where necessary. As if by magic, the Sun Identity Management Buzz podcast started up again in earnest, with an episode on OpenID (with Coté!) and one on OpenSSO. And sure enough, the OpenSSO episode brings up the OpenID/OpenSSO interop question. Looking forward to more.

Blogging, IDM

Burton Group Enterprise Licensing

Scott Mark points to Burton Group’s new Identity Blog, and he’s right: it’s quite good (in the American, not the English sense of the phrase). Subscribed.

He goes on to praise their enterprise licensing. I agree. When my employer first took advantage of this licensing and gave us all accounts, I had two reactions. First, I was put off because the email from Burton announcing my account came out of the blue and I assumed it was spam. Bad form. Second, I wondered why the hell I would even want access in the first place. I had no idea who Burton Group were, and my impression of large analyst firms had been very negatively colored by experience with Forrester and Gartner (“writing” reports in PowerPoint? WTF?), neither of which I had direct access to but that seemed to have led to some sadly uninformed decisions.

I ignored the service completely until earlier this year, when I felt suddenly compelled to learn everything I could about digital identity and read everything I could get from Burton Group. (If you ever explore identity management, you need to read a lot, because none of it makes sense until you’ve read it all.)

Now I read almost everything they publish. Why? Eric Sink makes a distinction between developer and programmer that I find useful. A programmer specializes in writing code, but a developer gets involved in many ways in developing software. I am not just a code monkey. As much as I live writing code, not only would focusing on that to the exclusion of all else be bad for my career, it would be boring. Instead I find myself contributing in a number of ways to any project I touch. I need and want to understand the business behind what we’re doing, the big picture behind the technology I work with, the industry trends that are informing decisions being made at the top. Burton Group’s papers generally drill down into a reasonable level of detail, so I don’t feel like I’m just getting the highlights.

The benefit to my employer should be obvious.

So to whoever set up this access: thank you.

It’s also good to see Burton Group doing more blogging. The CEO has a blog on the site, which is interesting enough, but until the Identity Blog, that was it. You have to dig on your own to find their analysts’ blogs (e.g. Mike Gotta’s), which are hosted elsewhere. Too bad. Despite the strength of the white papers and the research behind them, I’m still probably influenced more on a day to day basis by analysts’ blogs.

This is where, without adequate transition, I point to RedMonk, whose work I follow a bit too closely for my own good.