Imprivata extend beyond SSO

A couple of days ago, Imprivata announced a new product called Enterprise Network Authentication (ENA). This looks an interesting approach to extending their existing and traditional ESSO product.

In essence, they have modularised their product so separate out the SSO functionality from the authentication functionality with a simple upgrade to incorporate both components. With ENA, you can now add strong authentication through a variety of methods to the windows login. Where this gains advantage over other strong authentication suppliers, is the ability to have different authentications under different scenarios.

There seems to be a wide range of authentication types supported including tokens, cards and biometrics.

This should tie in nicely with their up and coming product in the summer which ties physical and logical access together.

Advertisements

InfoSec UK 2006

Yesterday I visited InfoSec 2006 @ Olympia in London.

Most of the exhibitors were the normal suspects with Microsoft, Symantec, RSA, Trend Micro et al having the biggest and loudest stands. However, there were a few things that struck me about the show in particular:

  • The heat in there was ridiculous. By mid-afternoon it was becoming unbearable
  • Nearly everybodies products came on an appliance. The colours, shapes and sizes varied but they were nearly all appliance based.
  • There were a fair few vendors pushing Identity and Identity management as a key selling point. Even when there products weren't directly related to this area, they still managed to get the term in there somewhere.
  • I didn't feel there was a great presence from the 'real' Identity Management suppliers. Since this is the year of Identity and since the opening speech on the show was titled "Identity" I expected far more, especially from all of the big vendors.
  • There seemed to be a huge presence from companies touting encryption, whether it was email encryption or seamless end-point encryption.
  • There weren't as many attractive ladies to entice you onto stands and last year and the ones that there were, didn't seem to have the product knowledge to hold your attention for long.
  • I didn't note any of either the keynote speeches or sessions worthy of viewing. The content of them was very much 'the norm' with nothing attracting my attention.
  • Radware had a magician who was quite cool!

I don't know if its just my cynical head, but InfoSec seemed a bit 'dry' this year. Oh well, lets wait and see if things have improved next year.

CEOP

The UK government has finally brought together a number of disparate organizations in order to try and crack child abuse on the internet. (Link: CEOP)

This isn't before time. Hopefully, now some serious effort will go into stopping this abuse and making the internet a safe place for our children to use again.

Digital Identity…..finally finished

During a completely unrelated conversation I was having with a colleague a few months ago, they happened to mention that they had just read a book called Digital Identity by Phil Windley and they highly recommended it.

Well, not being one to ignore recommendations, I bought a copy and have just finished reading it. The book is a good guide for anyone working within the 'Identity' space and provides some very good insights from Phil's experiences. In particular, I found the framework proposed for defining an Identity Management Architecture very useful. There are some areas where the book gives a good insight but leaves you needing to go and research topics further. However, all the major components of digital identity and covered and the links between them defined.

This book should certainly sit on the bookshelf of any identity management consultant.

Digital Identity…..finally finished

During a completely unrelated conversation I was having with a colleague a few months ago, they happened to mention that they had just read a book called Digital Identity by Phil Windley and they highly recommended it.

Well, not being one to ignore recommendations, I bought a copy and have just finished reading it. The book is a good guide for anyone working within the 'Identity' space and provides some very good insights from Phil's experiences. In particular, I found the framework proposed for defining an Identity Management Architecture very useful. There are some areas where the book gives a good insight but leaves you needing to go and research topics further. However, all the major components of digital identity and covered and the links between them defined.

This book should certainly sit on the bookshelf of any identity management consultant.