Thursday, December 28, 2006

VMWare for Mac in beta

It's about time VMWare got their act together and released a version of their software on Mac (even if it's only in beta release)! Of course, I didn't care about this before I actually bought a Mac.

Previously, there were only 2 ways of running Windows on a Mac:
  1. Using Apple's boot camp (which installs Windows natively on the machine)
  2. Using Parallels Desktop for Mac, which is a VMWare competitor and beat them to the punch in stitching up Mac users who wanted to run a virtualised environment.
Why am I posting about this? Because running a virtualised environment is much easier than installing an OS from scratch natively - not because it's hard to install but because it's annoying having to reboot to change operating systems. In a virtualised environment, it's as simple as firing up the virtualisation software (if you can't tell yet, I'm a long time VMWare user).

Oh, the other thing is that you have to pay for Parallels. VMWare has a free version of their product, and we all LOVE free (although I'm not sure if VMWare intend on charging for the Mac version once it's out of beta).

Friday, December 22, 2006

My first post using my new MacBook Pro

This post isn't really identity related (although one could argue that one's mobile phone and choice of notebook says a lot about one's personality and sense of identity, but I digress), but it is somewhat technology related.

So I decided to buy myself a Christmas present and went for the MacBook Pro 15-inch. And boy is it a powerful piece of technology: Intel Core 2 Duo 2.33GHz processor, 2GB RAM and ATI Mobility Radeon X1600 graphics card with 256MB of GDDR3 SDRAM.

It is by far the best looking notebook on the market as you would expect from Apple. I considered other notebooks but ultimately went for the MacBook Pro because of the power and the looks. Of course, if it didn't contain an Intel chip and wasn't capable of booting up in Windows, I would never have considered it...not because I want to use Windows, but because I need Windows to play games. Games are also the reason I forked out the $$$s for this thing, otherwise the plain old MacBook (at half the price) would have been good enough.

So far, I'm quite impressed. Apart from having to get used to Mac OS X, it's really quite nice. I expected usability and I certainly got it. Initial setup was a breeze. No need for banging my head against the wall or trying to pull my hair out. It was a nice to have technology just work. The only annoying thing so far (and it really is just a little thing) is that the keyboard doesn't have the "End" key that takes you to the end of the line when you're typing. I use that quite often and not having it there is kinda bugging me. Maybe it's there and I need to hit some weird combo of the "apple key" and some other key. For now, I just have to use the mouse or the arrows to move me manually to the end of the line. Apart from that, (Ed Note: I finally found the "End" key. It's on there, I just didn't look closely enough. To use it, I have to use the "apple key" and the right arrow button together). I'll probably be using the Mac OS as my default environment and only use Windows whenever I REALLY have no other option. At this stage, I'm expecting this to only occur when I want to load up my games.

Apple's also made it relatively easy to help load Windows up on a Mac with their Boot Camp beta at least I have a "Mac newbie" way of doing it.

As for why I needed a new notebook when I already had one (I actually had 2)...2 reasons:
  • It's about time I had my own notebook to do my personal things on.
  • I'm about to lose the 2 notebooks in a month or 2 because they are technically not mine. ie. They belong to the company I work for. So I would have been without a machine in the near future if I didn't take a proactive approach to things. Why will I be losing the work notebooks? You can probably guess...but more on that in due time.
Now...I guess I'd better go get that Windows XP CD...

Monday, December 11, 2006

Attempts to consolidate my online identity brand

I've started to take an interest in this concept of a personal online identity brand lately. I first mentioned it a few posts ago here. It's interesting to me because:
  • It's fairly new.
  • It's a form of identity management, but with a very strong marketing focus.
  • It makes one look at identity from a non-technical perspective.
  • It elevates the concept of identity commonly mentioned amongst the technical community to something that the average Joe can identify with.
  • It further "rounds out" the concepts around our "digital identity".
  • One day, someone may offer you a job because of your online identity brand.
  • One day, you may be fired because of your online identity brand.
What got me thinking about this again today was a news story on titled "Send us a resume and URL". I'm starting to see this take effect on a more personal level hence heightening my interest.

I get unsolicited emails and phone calls from companies and recruiters asking about my interest in roles they have that they want me to consider. I usually have no idea how they get this information as I'm not applying for any jobs explicitly. Hence they must be doing it some other way. I've started to ask these people where they get my details and it is probably no surprise that a fair few are from personal referrals and people who know me or at least know of me (my day job gives me some level of a public profile in the technical community).

However, there seems to be an increase of people (not just locally, but overseas as well) who say they found my details via online social/business networking sites like and the like. It's no surprise that Internet savvy recruiters love business networking sites such as as it gives them a new channel and transparency into the masses out there that they would have never dreamed of gaining via traditional means. This trend will only continue as time passes and recruiters research new ways to gain a competitive advantage over their competition for talent.

If recruiters can gain access to potential candidates via publically available information, this obviously has implications with regards to prospective employers and people in general who may want to know something about you. I won't even begin to talk about the privacy implications here, but in most cases you give up a level of privacy if you choose to disclose information about yourself online. In these cases, it's simply your own fault. But what about the information you have no control over and things that have been posted about you without your knowledge? This is the reason we're starting to see an uprising of companies who claim they can "manage your online brand" and help you erase any negative information out there. My question to them is simply how do they expect to have the ability to erase anything about anyone on the public Internet where information you want to erase is more than likely not within your control? Are they really expecting that the site owners will remove the information if they ask nicely? Are they going to threaten legal action? How are they expecting to prove that the information is incorrect? Sites have every right (in most cases) to publish information they deem to be accurate - especially if we've clicked the "I agree to give up all ownership of any information I give you to allow you to publish it however you choose" button that is a pre-requisite to sign up to most sites out there. You know, the terms and conditions text box we NEVER read! Who's going to pick up the bill? The consumer? It's just a legal, potentially costly minefield. In other words, it's a very difficult thing to attempt to do without some form of standardisation.

Let's expand on this and look at identity theft. I'm not talking about the commonly known term you see in the news nowadays where someone steals your details to get access to your bank account or credit card details or whatever else is of value so they can commit fraud and cost someone (hopefully not you) a lot of money and in the process profit from it. I'm talking about stealing your online identity brand. What if someone claims to be you and signs up to all sorts of things all over the place under the guise of claiming to be you? They are never challenged. How can you get that back? Our online identity brands are much easier to steal than our bank account details. The losses we incur may not be financial (at least not directly) but what if we lose a job because of false information out there about ourselves? Can we call it financial loss then? It's certainly personally damaging one way or another.

Companies such as ClaimID are attempting to address some aspects of this issue by giving you a place to point people at for anything and everything you know about yourself online. It's essentially just a page of links that relate to you. Profiles, books, blogs, photos, comments, references to you in articles etc. The thing about ClaimID is that you have to find all the information about yourself, by yourself. No 3rd party is going to do it for you unless you pay them. e.g. InfoSearch media as mentioned in this press release. It's easy to link to information about yourself, meaning I can "claim" information about someone else to be mine. For example, in my case, there's a rather well known doctor who is an expert in nutrition and weight loss with the same name as me. I could simply just link to all the information about him and claim I'm this doctor. I have to give ClaimID some credit in attempting to get around this issue by using the concept of a verified link. The problem I have with the way they do it is that I need to have the authority to edit the web page I'm linking to because the way they do the verification is by searching for a specific unique "MicroID" that tags the page as yours...or at least tags it to be owned by your ClaimID identity/brand. Anyone see the biggest problem here? Well, I really only have control over a handful of pages out there. The other ones I have no say over. Meaning they can never be verified unless I manage to convince the site owner to embed the relevant MicroID into the site. In other words, the problem isn't really solved. Anyone can still say they are anyone else because it's difficult to have a properly verified link and people will simply ignore the "verified link" concept. I'm not trying to put ClaimID down in any way. In fact, I'm quite appreciative that they are at least trying to do something about it. I'm merely pointing out that this is not an easy problem - especially when your online identity brand is so easily stolen. Anyone who can turn on the computer and fire up a browser could do it.

One could argue that Google is the main source of our online identity brand. Most of the world uses it as the starting point for search. Most people have "Googled" themselves at some point. Most importantly, other people have also "Googled" you at some point in time (e.g. employers). How do we attempt to "control" our online identity brand in the more generic sense? Unless ClaimID becomes some sort of standard (I'm sure they'd be extremely happy if that happened) and they improve some of their processes (e.g. the verification step), we've got this potentially large (I won't say huge...yet) problem on the horizon that no one has started to look at solving properly yet. Or to put it another way, we've got a few companies out there trying to do something about this in isolation, but we know what happens when things get done in isolation don't we? They don't get solved...or they take a VERY LONG TIME to come to some sort of resolution because we end up with many different methods to do the same thing.

The point I'm trying to make is that in this case, it's our reputation at stake. One could argue that our reputation is worth more than anything financial. It's MUCH more difficult to recover from a damaged reputation than it is to recover from a financial loss.

I don't claim to have the answers, but I'll continue to ponder the issues and comment on them from time to time. I'm simply stating that this is on the horizon and will need to be looked at. Anyone want to put their hand up? You guys at Google labs reading this (ha! I can only hope) want to volunteer?

Wednesday, December 06, 2006

Identity & Access Management products and customers - a list

A common question from people interested in the Enterprise Identity & Access Management space is "which customers use this product"? So I thought I'd take a step towards helping figure this out.

I've compiled a list of products and the customers using them. This is not a full list. It is simply one I compiled using publically available information on the web. Each entry in the list should have a link to the relevant article I found.

I'll have a permanent link on the right side of my blog so it's always available. I figured it was better than relying on people having to dig up this post to get to the list everytime (unless you've bookmarked the list directly of course).

Increased competition in the Enterprise Identity Management space

The recent spate of announcements made by the large Enterprise Identity Management (IDM) vendors has made the competitive landscape very interesting for the suite vendors (IBM, Oracle, CA, BMC, Sun, HP).

Oracle just released (OK so it was in August, but that's still quite recent) version 10g release 3 of their IDM suite with much more tightly integrated components and increased functionality.

The very recent Gartner Identity and Access Management summit has also yielded announcements from HP and CA. HP has announced increased functionality in their suite, although I'm not convinced they are that integrated yet. Their focus has not been on their IDM business and as a result, they've taken a little longer to integrate all their acquisitions. CA announced new versions of the major products in their suite. They coupled this with the announcement of an OEM agreement with Ping Identity to incorporate their federation technology into the eTrust SiteMinder product. They're also further along in their acquisition integration journey than some of the other vendors so by now they have probably gotten their act together and have an integrated suite to rival IBM. It'll be interesting to see what happens in the next year or so in this space with IBM yet to announce new versions of their products this year (other than the new Tivoli Federated Identity Manager Business Gateway for SMB).

Next move, IBM? Or maybe some kind soul will finally integrate Sun's suite for them as they've pretty much "Open Sourced" everything. They can only hope.

Tuesday, December 05, 2006

Manage your online identity brand -the final frontier?

Much of the work being done in the area of identity is centred around the following areas:
  • Enterprise Identity Management (e.g Provisioning, Access Controls, Authentication, Single Sign On)
  • User Centric Identity (e.g. Microsoft CardSpace, OpenID, Sxip)
Both have everything to do with IT systems. In other words, they are concerned with trying to identify who you are, what you can get access to, how you can easily get access to other things (propogation of identities between systems), personal identity related information you provide and how this is protected amongst other technology related things.

There's also quite a few sites out there that claim to help you manage your reputation. After all, your identity is directly related to what people think about you. It's not about who you think you are - it's about who other people think you are. This directly relates to trust and integrity of you as a person. The more respect you have (ie. the better your reputation), the more likely it is that people will listen to what you have to say (Side note: Google's famed "PageRank" algorithm is actually based on the "apparent reputation" of pages. The better a page's reputation, the higher it is on the list of search results). At this stage however, work around the "reputation area" is a little bit less focused on than identity and as a result it's a bit of a "wild wild west" when it comes to this topic. There has not been as much effort around consolidating and standardising the efforts being made around reputation. It's the typical cycle I suppose. Reputation is in the infant stages of development and everyone has their own way of trying to solve the issues. Heck, we're still trying to figure identity out. I'm sure this will eventually be done...once we sort out identity. This brings us to a rather interesting issue though. How do we control what people say about us? What if it's untrue? What if there's information out there in the great unwashed Internet that we don't want anyone to know about? How do we protect our "personal brand"?

I came across an announcement by InfoSearch Media that claims to do just this. It is yet to be released (Q1 2007 apparently), but it seems appropriate that a company that deals with marketing and content would come up with such an offering. There's probably going to be a need for this from a marketing perspective initially, but it only makes sense that this ties in with all the work around the other areas of Identity Management eventually. It rounds out the identity picture. After all, there are many individuals out there whose "personal brands" are the key to their livelihood. High profile celebrities come to mind, but this could apply to the average Joe. What if you did something in your younger days that you regretted and had the photos posted on a site you did not have control over? Even if you did, the Google search engine would probably still have the offending copy of the site in its publically available cache. What this "personal brand identity management" does is take the whole identity concept to the next level. It aims to help to figure out what the Internet says about us as individuals and provide a way to somehow control that information. I have no idea how InfoSearch Media are going to do this because we don't really "own" the information out there. At least not in the traditional sense. It's our identity data yes, but those constant "privacy policy disclaimers" we click blindly usually result in giving up our rights to the 100% ownership of the data that we provide the 3rd parties. So even if we know what's out there, how do we prevent the dissemination of that data? With this in mind, it's no easy task. In fact, Google probably has the best shot at doing this properly given that they are the "access point" into the Internet for most of us. Maybe they're doing this as a beta project. Who knows.

With this in mind, it looks like the whole identity journey has a ways to go...even more than most originally thought:
  • Step 1: Enterprise Identity Management - We're only starting to solve this one.
  • Step 2: User Centric Identity - We're beginning to understand this, but we're a long way from solving it.
  • Step 3: Reputation - There's a small percentage of disconnected companies and entities trying to think about this, but we probably won't even be able to get started properly on this for awhile.
  • Step 4: Personal Brand Identity - This is going to be much harder to solve and it's probably going to be a long time before we even scratch the surface here. Where would we even begin to solve this one? Is Google the answer? Perhaps.
In the meantime, the rest of us can continue to work on our metaphysical identity...on the age old philosophical questions that has been around since the dawn of time - "What am I put on this earth to do? What is my purpose? What is my personal Identity?" Few of us will ever find the answer to this question I'm afraid.

Entitlement Management is NOT a new concept

Seems to be a fair bit of hype and marketing about the supposed "new" area of Identity Management called "Entitlement Management" and a particular startup called Securent., NetworkWorld and DigitalIDWorld (to name a few) have all talked about it as being the "new frontier" even suggesting that Securent is the only startup in this area.

I beg to differ and I'd be willing to bet any vendor or startup out there dealing in network or application access control will no doubt have something to say about that. It's just that it hasn't been marketed well enough in the past. This type of "entitlement management" technology has been around for YEARS. In fact, many of the access management products on the market are built on this type of idea and most offer APIs to allow the externalisation of entitlements. The only thing missing with many of the existing products out there is an XACML interface into them - and I dare say this is being rectified in a hurry.

All the hype-mongers out there should look a little deeper into the solutions out there before "announcing" the arrival of the "next big NEW technologies" and further adding to the hype. Perhaps organisations are starting to take a look at "entitlement management", but it's not new. The only thing that's happening at the moment is that marketing is catching up with the technology. Maybe the marketing departments have leaped on this concept as the next thing to go after because most of the other areas have been marketed to death.

It kind of makes sense because vendors are now beginning to work their way down the application stack in the identity space. Perhaps market research has also helped determine that the security maturity lifecycle of organisations is at this stage in their identity and access implementations. Regardless of the reason, the industry seems to have reached the point where it makes sense to specifically market fine-grained authorisation as a key component. In the past, this was simply "value-add". goes so far as saying some vendors don't have solutions in the "entitlement management" space and singles out IBM in particular. The writer of that article should really do his research a bit better. I have a tip for him - go read up on IBM Tivoli Access Manager.

Friday, December 01, 2006

Top 10 Tech Leaders

Sage Research and NetworkWorld did a survey earlier this month of the top 10 technology companies. They survey rated the companies against the following categories:
  • Executive Management Leadership
  • Leadership Qualities
  • Customer Service
  • Key Technology Industry Leader
  • Product Excellence
  • Strategic Supplier
  • Sales Experience
  • Technology Vision Leadership
  • Whether respondents were likely to buy from the vendors within a year
The top 10 companies in each of these categories can be found here as a slide show.

Survey participants were gathered from a combination of NetworkWorld subscribers who are also decision makers within their respective organisations and Sage Research's Technology Panel members. The top 10 overall companies pretty much rated in the top 10 for each category. Overall standouts were:
  • IBM
  • Cisco
  • Apple
From a vendor's perspective however, I'd be MOST interested in the "whether respondents were likely to buy from the vendors within a year" category. Sure, it's nice that people think a vendor is great at customer service, has good technology and has strong executive leadership - but are they going to buy anything anytime soon?! With this in mind the following things jumped out at me:
  • Cisco rated highly everywhere and rated highly on the "likely to buy" list.
  • Microsoft doesn't rate in the top 5 anywhere except for being 2nd on the "strategic supplier" list and 1st in the "likely to buy" list!
  • IBM rates top 3 almost everywhere EXCEPT on the "likely to buy" list. It is 5th here.
  • Apple rates similarly to IBM and Cisco, BUT is NOT in the top 10 on the "likely to buy" list.
So am I to conclude the following:
  • Cisco is doing just fine.
  • Microsoft have ruled our desktops for so long that our laziness and aversion to change have made us accept that even though we don't like them, at least we know that to shut down we have to click the "start" button and if anything stops working, just reboot.
  • Are IBM too expensive for our tastes? Otherwise I don't know why it's not in the top 3 of the "likely to buy" list.
  • Apple have GREAT marketing and design departments and their stuff is VERY cool...but would you use a frigging MacOS? How are we supposed to play games?!
Read the full article for yourself here.