|
 In today's complex business environment, it's more important than ever to achieve comprehensive, secure identity management. Establishing that all users have the right levels of access and modification rights to their assigned data is essential for virtually any organization, and this is particularly true as enterprises seek to extend core IT services beyond company walls to business partners, associates, and customers by way of the public Internet. As the total number of users scales up, identity management systems must be sophisticated enough to scale in parallel-without creating breaches in security that could lead to lost or modified data, a disruption of business continuity, or violations of government regulations.
At the same time, however, identity management solutions should also yield a high return on IT investment, and today's budget-challenged IT divisions increasingly find that getting best business results from IT means automating whenever possible. Automation frees IT staff for complex tasks that map well to their domain expertise, accelerates response time for end users, and also helps ensure that services continue to perform in robust, consistent manner by eliminating the potential for inadvertent manual error. Identity management technologies are an excellent example of how automation can help optimize IT as a whole.
For these reasons, IBM Tivoli Identity Manager (TIM) has proved a best-in-class solution for organizations seeking to achieve comprehensive identity management without introducing potential security compromises. This tool empowers IT teams by leveraging automation for many common identity management issues that might otherwise require a dedicated response from staff. For example, in the event passwords need to be reset in accordance with company security policies, users can reset them directly, without submitting a trouble ticket or going through a help desk.
Furthermore, the automated benefits to administrators are similarly compelling. Among other features, IBM Tivoli Identity Manager can be used to create logical workflows which dynamically manage identity information in tandem with the changing business needs of the host organization. Furthermore, the flexible administration model means that as users, and groups of users, are created, they automatically inherit restrictions designed to comply with internal security policies and government regulations. In this way, data is always accessible to those who need it and restricted from those who don't, and compliance with both internal security policies and government regulations is more easily achieved.
IBM Tivoli Identity Manager 5.0's New Features Make Life Easier for Both Managers and Users
IBM, however, is not a technology provider known for resting on its laurels. With the advent of IBM Tivoli Identity Manager 5.0, IBM delivers compelling new features designed to enhance productivity, simplify regulation compliance and management complexities still further, and accelerate setup and deployment. TIM 5.0 will make it easier than ever for enterprise-class organizations to implement high-end identity management, quickly, securely, and comprehensively.
One major new feature, for instance, is the improved interface for managers and administrators, a new console which simplifies use through tailored, configurable views which correspond to different types of users. Because the interface can be customized for any given business purpose, users will see only the information they need to see, and will focus strictly on those features which are essential to performing key tasks. This redesign is not merely more visually aesthetic, it also delivers improved productivity via easier access to basic functions which correspond to specific business contexts.
The view required by a system administrator, for instance, will necessarily be more comprehensive than the view required by an everyday end user, reflecting more features, different security settings, and other variables which map appropriately to the manager's job duties. Other users, such as help desk associates, service owners and stakeholders, supervisors, and even auditors can similarly receive their own forms of the interface, each targeted specifically to that class of user. This "skinnable" design works through style sheets and custom text, and can be adapted in many ways to achieve many goals. In addition to features and their logical arrangement, for instance, the enterprise might choose to pursue corporate branding goals through specific color and font combinations.
Several other improvements come with the new TIM interface console as well. For example, multitasking is facilitated through multiple tabs within a window. For service owners, a dashboard is also included which increases service level transparency by reflecting transaction and adapter status for all TIM managed resources. Search is now easier and yields more comprehensive results, thanks to shortcut menus and smart, context-aware functionality; fewer clicks deliver more and better results.
For end users, a new interface is included, meaning the self-care features built into TIM are more easily leveraged than ever. Here, style-sheet design and tailored configuration options enable a custom front end. Furthermore, in cases where the enterprise already has Web portals established for end users, those portals can be utilized to host the TIM interface; this is accomplished through simple HTML embedding. Thus, the new features are delivered in an already-familiar format, allowing users to leverage the portal to handle routine identity management tasks, instead of having to turn to an entirely separate interface.
Thanks to the new smart-search feature, TIM 5.0 now allows users to search for specific resources such as data or applications with familiar terms, rather than formal references, achieving easier access than ever (where policies permit). Different classes of information ranging from shared folders to Web portlets to application modules can now all be managed via the same controls associated with account management, such as recertification, approval workflows, and others. And in the event access entitlement data must be evaluated by an auditor, it can be presented more clearly and easily than ever before. All these improvements reflect IBM's strategy to bridge the gap between business users and IT staff.
Policy Creation, Recertification, and Regulation Compliance Demonstration Are All Enhanced
TIM managers who are responsible for creating policies and workflows will be glad to hear that TIM 5.0 includes wizards, which speed the creation process through a straightforward question-and-answer format to achieve common results. Furthermore, TIM 5.0 includes various templates which can enable many functions that would normally require scripting or custom coding-a second acceleration of management features. For instance, consider the provided account default templates. In situations where multiple services must be managed which are all fundamentally similar and differ primarily in detail, TIM 5.0 provides easy management through global default account attributes. These specify a range of settings for an entire logical class; only the details need then be modified in each individual case. TIM 5.0 also supports more advanced and complicated rule definitions through scripting.
One area where these new optimizations come into play lies in the realm of recertification. In the past, achieving compliance with internal security policies or government regulations meant that policies and workflows had to be painstakingly certified on a periodic basis to ensure ongoing validity-a relatively time-consuming process. With TIM 5.0, that situation is dramatically improved via its out-of-the-box recertification features. No programming skills or scripting is needed to develop simple recertification policies (though naturally more complex or customized policies can be developed manually, through advanced configuration, as the business situation demands it).
This out-of-the-box design also applies to request-based provisioning. In the event a user, or a manager of users, needs a new form of access entitlement (such as to a new account), this access is now enabled by TIM without requiring any dedicated setup. Additionally, TIM 5.0 includes support for manual services (such as phone assignment or voicemail setup) in which no adapter is available. And thanks to the new design, TIM processes such as workflow and recertification can be applied to these manual services as well.
In response to the emerging topic of regulation compliance, and the daunting possibility of an audit, TIM 5.0 includes a broad array of new report types. These new reports address different areas of identity management configuration, data, and functions to make it as easy as possible for the enterprise to demonstrate that compliance has been achieved. Among other new report types, for instance, are reports on dormant and orphan accounts which could conceivably represent a potential security issue. Also included are new reports that categorize and classify access entitlements, showing clearly how different users have been granted different levels of access to different types of information. What's more, TIM 5.0 integrates with other compliance-relevant solutions through a full set of adapters to make its information store available to completely different products.
If the new reports make life easier for auditors, new deployment features make life easier for TIM managers. For example, in cases where the organization wishes to migrate from an earlier version of TIM, such as TIM Express, that migration is achieved cleanly and automatically. And once installation has been completed, configuration is now significantly more elegant as well, speeding time-to-value; in cases of single-server installations, middleware configuration is simpler than ever. Furthermore, the process of updating the product has also been improved. When fixpacks are released, administrators will find that installing them is accomplished more unobtrusively, increasing system responsiveness for end users. In cases where unique customer configurations exist, in areas such as the end-user interface and language packs, they will all remain untouched.
TIM 5.0, in short, represents a major milestone in the arena of enterprise-class identity management technology. Through its enhanced interface, improved access entitlements and provisioning, new compliance reports, out-of-the-box templates, and simplified deployment and management features, TIM 5.0 promises to be the ideal solution for any organization seeking policy-driven, company-wide control of data privileges-at every stage in the IT service lifecycle.
|
