Neil MacDonald

A member of the Gartner Blog Network

Neil MacDonald
VP & Gartner Fellow
15 years at Gartner
25 years IT industry

Neil MacDonald is a vice president, distinguished analyst and Gartner Fellow in Gartner Research. Mr. MacDonald is a member of Gartner's information security and privacy research team, focusing on operating system and application-level security strategies. Specific research areas include Windows security…Read Full Bio

Coverage Areas:

You Don’t Have to Own Identity in Order to Consume Identity

by Neil MacDonald  |  November 15, 2010  |  Comments Off

I’m here this week in San Diego at Gartner’s Identity and Access Management Summit.

I’ve been associated with Gartner’s identity-related research from 1995 when I joined Gartner to cover Novell and directory services. I’ve atached identity change over the past 15 years. Directory services evolved into metadirectories which evolved into user provisioning which has evolved into IAM platforms, delivering a suite of identity-related services.

At this conference, the hot topics are the shift in focus to deliver identity intelligence, the shift from identity-as-a-product to identity-related services and the role of identity in emerging Cloud-based architectures.

I’ll be giving several presentations: one on the future of information security becoming context and identity-aware; one on the role of identity in next-generation virtualized data centers; and one on Microsoft’s IAM strategy.

On the first topic, I’ve talked before about the need for information security infrastructure to become identity-aware – able to assign policies to logical attributes such as the user’s identity, group, or role. This is a part of a broader shift to assign security policies to logical, not physical, attributes as increasingly we don’t the underlying physical servers and devices that our systems and information are processed on.

Why don’t security megavendors vendors like McAfee, Symantec, Cisco and others get into the IAM market? These vendors are smart in not getting distracted by the IAM business (different buying center, different mindset, lots of professional services). You can deliver identity-awareness without having to own the IAM systems. Most vendors simply tie into Active Directory and LDAP as a start and are evolving to support SAML and other claims formats.

You don’t have to own identity in order to consume identity.

Comments Off

Category: Cloud Security Information Security Microsoft Security Virtualization Security     Tags: , , , , ,