Thursday, August 07, 2008

SSO Summit Commentary

Unfortunately, the gods of travel did not smile on me as I traveled to this conference so I arrived at the SSO Summit quite late. Throw in "altitude sickness" - KeyStone is at 12,500 feet above sea level and I normally live at sea level - and my Day 1 was a wipeout. The end result was that I was there only for the Day 2 talks but they started off with a bang:

Gunnar Peterson gave a great talk on Security Architecture. Not only did he really give some great visualizations to help state the problems and solutions that he envisioned but he also had a lot of great quotes like:
  • Identity Super Soaker: Spray accounts everywhere, provision accounts across the enterprise (As one method of enabling better audit but it isn't the real answer to the problem.)
  • Information Security people do not know that their careers are an oxymoron (As in information security is an oxymoron.)
You should check Gunnar's presentation out! In fact, all presentations have been posted by Ping - enjoy!

All of the presentations on Day 2 were awesome and I must say I especially liked the customer presentations and the fact there were a lot of customers presenting. To me, this makes it all worthwhile. I am going to single out Bob Brandt's (3M) presentation and highlight some of the interesting points I gleaned from his talk:

  • 95% of their end users manage a single password that exists in a single location (Active Directory) that works with 200+ internal web applications that include J2EE, ERP, CRM, Portals, Wikis and 3rd party apps. They've been so successful that their employees simply expect SSO now! Isn't this awesome?!
  • They specific SAML capabilities in their RFIs. They have 5 production SAML integrations.
  • They've never purchased an IDM suite or framework but have chosen best-of-breed solutions instead.
During the panel that Dave Kearn's hosted a question came up regarding how these guys handle failover and high availability with respect to their ESSO implementations. I loved this answer that they all agreed with:

We use Active Directory to store our ESSO credentials and if we can't keep AD up I am not worried about SSO!

I also wanted to point out that it was great to meet up with some old colleagues and friends so shout-outs to:

Marc Boroditsky, CEO PassLogix
Barry Crist, CEO Likewise
Gerry Gabel, The Burton Group
Dave Kearns, Network World
Bob Brandt, 3M - Bob, thanks for the compliment during your keynote - it means a lot to me!
Omar Hussain, CEO Imprivata
Mike Neuenschwander, Mycroft (formerly of The Burton Group)

There's been some great coverage of the conference so I'd certainly invite you to check out Dave Kearn's, Andre Durand's, and Christopher Paidhrin's commentary on the conference.

p.s. I'll be back next year!

Technorati Tags:
, , , , , , , , , ,

No comments: