The Militarization of Information Security
2 hours ago
Jackson's comments, commiserations, confabulations and simplifications on identity management and Microsoft's Active Directory all based on his continuous "reality tour" of meetings with customers, ISVs and Microsoft.
A New Jersey company paid a man nearly half a million dollars before realizing he wasn't working.
Anthony Armatys was hired by telecommunications giant Avaya in 2002 for more than $100,000 a year. He changed his mind and didn't take the job, but the payroll department apparently never got the memo, according to the Star-Ledger.
For nearly five years, Avaya paid Armatys and he gladly accepted, spending most of the money on everyday items. The rest went straight into a retirement account. Armatys got caught when he tried to make an early withdrawal from that account.
He pleaded guilty to second-degree theft and has to pay the $470,995 back to Avaya. Armatys, 35, faces up to six years in prison when he's sentenced in January -- time enough to think about his next dream job.
One glaring regression is the lack of integration with Microsoft Exchange. The former Active Directory Users and Computers UI had extensions that would expose the critical attributes necessary to perform recipient management. This was handy for many people and its absence is already being mentioned. I would guess that eventually the Microsoft Exchange team will provide this, but so far it has been a no-show.Good to know this up-front so you're not too surprised by this fact.
Microsoft is on the verge of finally providing some pieces of software to back up its ambitious plan to integrate its security and identity technologies, but the company admits it is moving slower than it had anticipated.Progress towards this goal, as many of us have already blogged, has been slow. One glimmer of movement in the right direction was last year's merger of the security and identity teams. I also think that the upcoming "Geneva" - now Windows Identity Foundation - will be pivotal for Microsoft and the industry.
We (Microsoft) don't see ourselves as providing the only solution that an enterprise customer needs for security...I think most customers would agree with this. In fact, Bob really needed to add "and identity" to that statement. Nearly every customer I meet with has multiple identity management products deployed. In fact, at one customer I recently met with they had three different self-service password reset solutions deployed. Many of the customers I meet with have also deployed Microsoft's identity lifecycle product too (MMS, MIIS or ILM). When I quiz them on what scenarios they are solving with the Microsoft product the most typical response is "GAL sync" yet the company has also deployed a non-Microsoft identity product or framework for the enterprise.