Burton Catalyst Reprised

Last week, I was out in beautiful San Diego for the annual Burton Catalyst Conference. Despite the slow economy, the conference was very well attended – attesting to the attendees’ level of interest and quality of information delivered by Burton. This year’s identity track was kicked off by Bob Blakley, who talked about the evolutionary changes occurring in the identity market. Bob’s theme was one that we heard last year as well: identity needs to move from a centralized control model to a distributed model. Enterprise control of identities is getting more and more difficult. In response, the identity community is changing the way identity is built and deployed. As Bob put it, “we are now building infrastructure that will let you stop being an account and start being a person. Businesses can consume these and you can take them with you.”

Bob’s presentation was immediately followed by a panel discussion, hosted by Lori Rowland, that included Bob and analysts Gerry Gebel, Mark Diodati, Ian Glazer, and Kevin Kampman. The theme of the panel was change and evolution, touching on several topics of interest:

  • The economy is driving the need for more identity solutions – compliance, need for efficiency, requirements not being met by current technologies. This year’s market has remained strong, with many vendors experiencing record growth. Burton predicts that next year will be even better.
  • There has been industry consolidation. The biggest vendors have shrunk, and M&A events like Oracle acquiring Sun have had a significant impact on the IdM community. Going to smaller vendors is now a solid alternative. Vendor viability is not simply a matter of size. Large vendors do not excel at integrating their various components – you get better integration with smaller vendors’ products.
  • The economy has sparked changes to the IdM market. There is increased interest in SaaS, hosted, Open Source, or alternative delivery methodologies.

For me, the most interesting part of the panel discussion was the analysts’ perspective on provisioning and the evolution of identity management into functional layers. Here’s a sampling of their commentary:

  • Provisioning has become bloated and monolithic. Over time, every new feature got dumped into provisioning. It outgrew itself. Burton believes that breaking down functionality into separate layers is the right approach rather than making provisioning bigger. For example, an identity governance layer has emerged that is separate from the provisioning layer. This shows that vendors are catching up to what customers want in this area.
  • Identity governance is better suited for functionality such as access certifications, audit, SoD policy and access request, whereas provisioning is better suited for infrastructure functionality (engine, connectors). As Gerry pointed out, provisioning is not well-suited for compliance. It doesn’t cover the right applications; it does not have business-oriented UIs. Lori then added that “doing access request via provisioning is not pretty. You need to know the meaning behind the entitlements (and that’s not in provisioning).”
  • It’s a bad idea to clump all functionality into provisioning. Companies need to think about IdM differently – in layers. Big vendors are good at some things; specialty vendors are good at some things.
  • Provisioning has become impossible to deploy. It’s grown to encompass more things than anyone can comprehend. You’re always going to be in the middle of a provisioning project. It’s like the laundry – you’re never done.

The panel finished up by looking at “What’s Hot” in IdM based on their conversations with end users. I’m happy to report here that the list includes several areas that are front and center for SailPoint, including role management, access and identity governance, and privileged user management. Other hot” areas mentioned were federation, identity services, standards like SPML, and AD bridge. Identity management areas that have reached a level of maturity and are not as “hot” included eSSO, WAM, provisioning, and password Management. Burton stressed that these products are still significant markets, but they are becoming more of a commodity.

All in all, it was an exciting and informative show.