Secure Identity Management Overview Course
March 2003
DeveloperNet University Course

Putting Nsure Together for Your Company

Managing user identity information on information technology (IT) systems consumes substantial staff time and costs a lot of money. Whenever a new employee is hired, or when a current employee changes jobs or terminates employment, the IT staff has to grant, modify or revoke that person's access privileges to IT resources. This task usually involves entering, modifying or deleting user information separately in multiple systems--e-mail systems, business applications, databases, directories and more. That takes time. Yet, time is of the essence because delays in adding accounts for new employees cause productivity lags, while delays in deleting accounts of terminated employees can create serious security issues. Moreover, delays can result in inconsistent, obsolete, and even inaccurate information.

What's required is a user identity management solution that minimizes the delays by automating the processes of managing user identities and controlling access to resources across the network. Such a solution should automatically grant, modify or revoke access to IT resources immediately, whenever employees are added, change job status or terminate their employment. The solution should also automatically propagate any changes in user information made anywhere in the network to all other systems that share that information, ensuring accuracy and consistency across all systems.

Deploying such a system is not a trivial task. It involves interfacing with many disparate systems, from human resources (HR) and messaging systems to account and directory systems. It requires ensuring that a change made in any one system is immediately propagated to all other affected systems. For example, if an employee promotion is entered into the HR system, the user identity management system should not only propagate the new job level information but also modify the user's access privileges accordingly in messaging systems, network directories, account systems and all other affected systems.

Deploying an identity management solution requires obtaining the buy-in of different departments, many of which want to maintain their autonomy and authority. That's why the solution should maintain authoritative data sources. The HR system, for example, may be the authoritative source for all employee additions, modifications, and deletions, while the e-mail system is the authoritative source for all e-mail addresses. That means employee additions, modifications, and deletions can be made only in the HR system, and e-mail addresses can be created and changed only in the e-mail system.
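The authoritative-source rule and the propagation described above can be sketched as follows. This is an added example, not Nsure Resources or DirXML code or configuration; the system names, attribute names and the `IdentityHub` class are assumptions made for illustration.

```python
# Added illustration. System and attribute names are constructed; this is
# not Nsure Resources or DirXML configuration.
AUTHORITY = {  # attribute -> the only system allowed to change it
    "employment_status": "hr",
    "job_level": "hr",
    "email": "mail",
}
SYSTEMS = ("hr", "mail", "directory")


class IdentityHub:
    def __init__(self):
        self.stores = {s: {} for s in SYSTEMS}  # system -> user -> attributes
        self.audit = []                          # what was applied or refused

    def submit(self, source, user, changes):
        """Propagate only the attributes `source` is authoritative for."""
        accepted = {a: v for a, v in changes.items() if AUTHORITY.get(a) == source}
        rejected = sorted(set(changes) - set(accepted))
        for attr in rejected:
            self.audit.append(("rejected", source, user, attr))
        if not accepted:
            return accepted, rejected
        status = accepted.get("employment_status")
        for system in SYSTEMS:
            record = self.stores[system].setdefault(user, {})
            record.update(accepted)
            if status is not None:  # hire enables access, termination revokes it
                record["access_enabled"] = status == "active"
        self.audit.append(("propagated", source, user, sorted(accepted)))
        return accepted, rejected


def demo():
    hub = IdentityHub()
    hub.submit("hr", "jdoe", {"employment_status": "active", "job_level": 3})
    # The mail system owns e-mail addresses but not job levels.
    hub.submit("mail", "jdoe", {"email": "jdoe@example.com", "job_level": 9})
    # The directory owns neither attribute, so nothing is propagated.
    hub.submit("directory", "jdoe", {"email": "other@example.com"})
    hub.submit("hr", "jdoe", {"employment_status": "terminated"})
    return hub


if __name__ == "__main__":
    for entry in demo().audit:
        print(entry)
```

The audit list records every refused change, which gives reviewers a trail of attempts to alter an attribute from a system that does not own it.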

Novell Nsure Resources provides an effective first step in the deployment of just such an identity management solution. Nsure Resources is a preconfigured packaging of Novell DirXML technology intended for organizations that want to implement an identity management infrastructure. With Nsure Resources, an organization can quickly create a laboratory system that can be used to demonstrate and study user identity management concepts.

Novell Nsure Resources includes preconfigured DirXML drivers that tie together popular HR, messaging, account and directory systems to provide basic employee provisioning functionality as well as synchronization of user identity information across the systems. Nsure Resources is a member of the Nsure family of secure identity management solutions. Nsure provides a secure user identity management foundation that enables an organization to address the general challenge of cost-effectively delivering real-time, role-based resources to its distributed workforce, partners and customers from any location (wired or wireless), yet keep the organization's systems safe and secure.
