Identity Management

The importance of getting identity management correct!

Hitting the news today (Tuesday 6th November 2012) was a sobering article highlighting just how important it is to get identity management correct!

Over a three year period from March 2007, the Prudential UK managed to mix-up two of their customers’ pension accounts and pay substantial funds into the wrong account.  The mistake, which has cost Prudential £50,000 in fines, boiled down to the two customers having the same forename, surname and data of birth.

For the full story check out http://www.bbc.co.uk/news/business-20221648.

The quiet Google Apps and Chromebooks revolution

Over the past few weeks I have been assessing how best we can deploy and manage a set of Google Chromebooks to be piloted across a group of schools.  We already have an enterprise deployment of Google Apps for Education with approximately 130,000 users grouped into around 450 Organisational Units.  The entire user and organisational management is efficiently streamlined using the Systems Interoperability Framework (SIF); new users, transient users and leavers are all near-time captured through SIF making account management a breeze!

How does this work?  (1) The school Management Information System (MIS) is updated – pupils and staff intake, leavers, or changes – and modifications are transported securely via SIF and the (2) Zone Integration Server (ZIS) to the Identity Management (IdM) server.  Here users identities are matched or created.  (3) Then the identities are passed via SIF to the ZIS and then (4) on to Google Apps.

SIF Identity Management

Now here’s the cloud clever bit… Before deployment to your users, each Google Chromebook is registered with your organisation’s Google Apps domain using the management console.  Here you can define a multitude of policy options including which applications, or extensions, a user should, or should not, have access to.  Policies can be defined for different organisational units – pupils and staff, sales and marketing, etc. – and updated at any time.  Any user who signs-in in to any registered Chromebook will automatically receive the profile relevant to them.  Organisational Unit policy changes are automatically applied the next time a user signs-in, or after a set time period.

Chromebook Management

This is a fantastic example of how simple, powerful, efficient and cost effective cloud computing really can be.  No expensive domain servers to maintain and house.  No network intensive traditional roaming profiles.  Easy management from any place in the world with an Internet connection.  Flexible and mobile workforce and learners.

Virtualising SIF

Well… It’s been a mad few weeks hence being a quiety on the blog!

We’re migrating our SIF, Identity Management and Shibboleth Single Sign-on infrastructure to a ‘virtual data centre’ – a kind of private cloud.  This will give us loads of confidence in terms of scalability, high availability, sustainability and total cost of ownership, as well as alleviating the strain of managing the hardware, OS and networky side of things.

It has meant that there is much interest in what we are doing resulting in case studies, media coverage and a spell for me in front of the camera, lights and action – oh and having make-up applied in front of the team :-S

Still, I’ve learnt a few things…  It doesn’t matter how well you know your subject, asked about it in front of the camera and even a thoroughbred Bable Fish will struggle to translate your ramblings.  And, should I ever acknowledge that the Johnny Depp Pirates of the Caribbean look does have its advantages, then I now have some make-up application training 😉

If the film team are magicians and able to cut and slice the vid into something that is not too career limiting – and if I am able to post it – it will be here at some point.

Novell Identity Management and SIF

Doing some research on industry Identity Management (IdM) solutions and stumbled upon Novell’s Identity Manager (3.5.1) which has a SIF Agent plug-in.  The following case study may be of interest…

Alvarado Independent School District used Novell Identity Manager to automate user provisioning, and reduced administration time by 45 percent using Novell ZENworks @ http://www.novell.com/success/alvarado.html

SIF Case Studies and Presentations

If you are interested in increasing efficiency, saving time, improving data security and of course a better ICT experience for all, then check out the case studies and presentations below…

Solving data issues with SIF.  Examples of SIF in Norfolk, Warwickshire and South West Grid for Learning.  (Double sided A4)

Norfolk County Council – 20 January 2010.  Norfolk’s Proof of Concept (PoC). (Double sided A4)

http://www.sifassociation.org/uk/presentations.asp.  Presentations from the SIF Association UK’s quarterly conferences.

Okay, so I’m interested in SIF… What should I do next?

You should seriously consider becoming a SIF Association UK member. The following highlights just some of the benefits of joining: SIF Association UK sees continued growth.