TOM KEMP'S CENTRIFY BLOG
Thursday, February 14, 2008
Looks like Centrify is officially on a roll. We are pleased to see that we just won the "2008 Global Excellence Award" for Best Identity Management Software from Info Security Products Guide. This follows on the heels of Centrify recently being named one of Linux Magazine's "Top 20 Companies to Watch"; our DirectControl solution being named "Security Product of the Year" by SearchEnterpriseLinux.com; and having won late last year the comparative shoot-out for best solution for extending Active Directory to non-Microsoft systems from Windows IT Pro Magazine.
I think the interesting takeaway from Centrify, an Active Directory-focused vendor, winning in this broad category of identity and access management is that the other finalists we beat out - products such as Courion's provisioning suite, M-Tech's identity management suite and Quest Software's ActiveRoles Server - all represent the "classic" way of doing identity management. Namely, these products synchronize data across pre-existing identity stores and/or layer on top of existing directories and enable provisioning and administration by adding their own infrastructure (e.g. database, user interface, etc.) that manages the existing infrastructures. So if you have ten identity repositories and corresponding identity infrastructures within your environment, they become a "plus one" identity infrastructure that also needs to be installed/managed/configured/etc.
While no doubt these are all good solutions and each has its place (and our DirectControl solution integrates with a wide number of provisioning solutions), their approach does not address a key point of pain that our DirectControl solution addresses, which is reducing the number of identity stores in your environment. [Side note: I wrote extensively about this in this blog entry on why you should leverage Active Directory for Linux Identity Management.] Specifically, what our DirectControl solution allows customers to do is consolidate (and eliminate) their plethora of identity stores for their non-Microsoft systems and applications into Active Directory.
Now, to be candid, customers of ours will not reduce, say, 50 identity silos down to 1 (i.e. Active Directory), as there will still be a need for a few other identity stores besides AD that can't be consolidated (e.g. they will still need, say, RACF for the mainframe, PeopleSoft for HR, etc.), but our solution lets customers reduce the plethora of identity stores from, say, 50 down to 3 or 4 (with DirectControl putting AD on steroids by extending its reach across a heterogeneous environment). And then from there you can use a product such as M-Tech's or Courion's or Microsoft's ILM 2008 provisioning solution to provision between those 3 or 4 directories. And frankly, having to provision just 3 or 4 identity stores will make your life much, much easier than trying to tie 50 directories together.
I think this completely different and innovative approach we are taking vis-à-vis the "classic" identity and access management products that our fellow co-finalists represent is in part what led to us being named the winner of best identity and access management solution (and also we have enthusiastic customers who like to vote for us!).
Surveys of end users validate this approach we are taking. For example, a recent survey of over 200 IT organizations by the noted analyst firm Enterprise Strategy Group asked "what are the most difficult tasks for your organization as it relates to Identity and Access Management ("IAM")" and here were the results:
As the report notes:
"Accomplishing these 'IAM' tasks can be extremely difficult as IAM activities are done in IT silos all over the enterprise. This creates an IT operations challenge as administrators are forced into a pattern of redundant operations and administration. ... When asked to identity the most difficult IAM tasks, security professionals pointed to managing identity information spread throughout the enterprise, synchronizing individual technologies and provisioning/de-provisioning users."
You still need those types of solution in many cases, but isn't it better to not have to do that type of stuff (e.g. synchronization) across a plethora of identity stores? What Centrify does is reduce those silos of identity, allowing you to "Identify. Simplify. Centrify" (i.e. our tagline) on an existing infrastructure that you already have (Active Directory) and a corresponding skillset and investment you have made in that technology. For more reasons why you should consider leveraging Active Directory across your enterprise, see this blog post for additional reasons to leverage Centrify and Active Directory.