Sometimes the best gifts come after Christmas…

January 10, 2013 Leave a comment

Sometimes we are lucky enough to have many gifts during the holidays – family, time off to relax, perhaps a few material items.

Team Work

Team Work (Photo credit: Easa Shamih (eEko) | P.h.o.t.o.g.r.a.p.h.y)

Sometimes we are even luckier to have the efforts of many recognized by leaders in your field.

Today was such a day for me, as we announced:

Quest One Identity Manager named Leader in Gartner Magic Quadrant for User Administration and Provisioning 

(Click here to get a copy of the report)

For me, this is much more than a validation of our approach, technology and skills – it is a validation of the very hard work of literally 100’s of folks involved in the process of ‘making something for someone’.

For this to happen – at the velocity and trajectory that we are tracking – takes a highly skilled, organized, targeted and motivated team to make it happen.  As I was forwarding some of this information around to my internal teams – going through the ‘who to thank list’ – it really hit me just how many folks and roles are involved in delivering a leading solution.  I went through the list of ‘functions’ or ‘roles’ in the organization and I stopped counting at 50 different roles.

You see, when you are in the ‘creation’ business – you are actually in many businesses – such as the service business, support business, consulting business, marketing business, communications business – and sometimes yes – even the travel business, therapy business or even the food business :)

team work

team work (Photo credit: yckhong)

Crossing boundaries – corporate, personal, geographic, language, motivations – is something we do on a daily basis.  This is the foundation of our personal and professional growth and always leads to learning from my perspective.  This group of teams, organizations and individuals grew and expanded their skillsets and knowledgebases in many ways last year.

Although late for ‘2012 in Review’ commentary – I want to say congratulations to the whole team – local and global – that contributed to this huge win for us.  Even more heartwarming for me is that our customers validate this analysis and continue to challenge us to grow!

Felicitaciones y los mejores deseos para 2013!
Félicitations et meilleurs voeux pour 2013!
Herzlichen Glückwunsch und alles Gute für 2013!
Поздравления и наилучшие пожелания на 2013 год!
Gefeliciteerd en de beste wensen voor 2013!
Gratulerer og beste ønsker for 2013!
Congratulations and Best Wishes for 2013!

Change hurts – but is usually for the better…

November 28, 2012 Leave a comment

A USB MINI A-B cable showing the shape differe...

A USB MINI A-B cable showing the shape difference (a=rounded b=square) and the additional plastic insert in the mini A. The mini-A plug is white; the mini-B plug is black. (Photo credit: Wikipedia)

Sometimes Change hurts – but Sometimes it makes a lot of sense….

Change – something we always have to deal with these days – has always been a challenge for most of us I suspect.  Disregarding the myriad emotions and side effects of change that are most times very difficult to calculate and forecast – change is more often than not for the better and drives ‘betterment’ of an industry, business, organization or person.

While I’m not going to spend time on iphone vs. android and other facets of the mobile business – I will pick out a very specific ‘change’ to the industry that has been an interesting event to watch.  Apples’ introduction of the lightening adapter for the newest generations of their devices has been revered, complained about and flamed to pretty deep levels.  However, an interesting ‘benefit’ of the change here is the macro-sized effect that Apple has on the industry and the correction of (from my perspective) a very flawed design point that has lasted the better part of a decade now.

Even before Apple’s proprietary connector type (30 pin Doc Connector) – the USB connector was (and still is) the defacto ‘open’ connector standard.  The old style had a keyed mechanism that forced users to insert their connector in a specific way only – leaving the user to guess if the ‘logo up’, or ‘logo down’ is the way to connect device.

English: A typical USB connector.

English: A typical USB connector. (Photo credit: Wikipedia)

I never understood why the designers (or as I suspect – perhaps engineers did the design without design/usability specific input) felt that a keyed approach with a visual indicator – that is completely and utterly useless in the dark or without visible reference (think fiddling in your car to plug in your phone) – would be sufficient.  I have watched many people jam those poor connectors together (myself included many times) sometimes to ruin their equipment – or minimally swear and curse at the situation.

Granted, perhaps the original team didn’t expect their standard to be so ubiquitous worldwide.  But then we see the same ‘design consideration’ (or flaw from my perspective) in the mini-usb connector.   Its keyed.  It’s even smaller.  However, the visual keyed approach – making visual representation of up/down – less important helps somewhat.   Of course, in the dark or under your desk – you can’t tell which is up or down.  Still fried gear sometimes when you’ve really jammed the connector into the socket – I’ve seen it really!

iPad mini 5W power adapter and lightning cord

iPad mini 5W power adapter and lightning cord (Photo credit: brownpau)

The new lightening adapter – putting aside cost implications and end user frustration with ‘useless’ connectors now – fixes one major component of device connectivity – being able to be used up or down – it works.

Simple really.  Difficult to do.  Success is variable and subject to many external forces.

(Good example of past ‘design choices’ added up over time – nasty!  http://www.cultofmac.com/190779/apple-vs-samsung-a-decade-of-proprietary-connectors-humor/ )

Will Apple be successful?  I leave that to others – but I will say that taking the old norms, breaking with tradition and doing ‘good change’ is something I think most of us strive for on a regular basis.  Speaking for myself, I try to approach old problems with updated questions, challenge historic design decisions and re-ask the questions to stakeholders – in the hopes of introducing positive, lasting, valuable and leading change.

Thanks for reading!

NB:  Adding to my list of ‘stupid things that should work in any orientation’ include:

-          Parking machines that issue stubs with mag stripes one way, then expect you to insert it a week later at the airport ‘the correct’ way.

-          Credit card readers of all stripes and sizes – I get you need to read the mag stripe – but why not have a reader on both sides?

-          Hotel room key systems – does the reader mechanism really cost that much to have on both sides?  My math says the reader is less than $0.30 to include – so really?  I mean Really?

New ActiveRoles Server Release…

November 6, 2012 Leave a comment

Although the paradigm of enterprise IT and security have changed significantly over the years – one thing is true  – the foundation of your identity, security and access control strategy MUST be secure, stable and well maintained.

Our flagship product – a leader in the marketplace with over 60 Million seats sold over the years – has experienced some dramatic change over the years – and 2012 is no exception!

Although the role of the AD Administrator has gotten more complex, strategic and challenging over the years – one thing has always been there to help – Quest One ActiveRoles Server.  For years, we have helped administrators secure AD, delegate security permissions on a very granular basis – far more than native or competitive tools enable.

On top of that – we have been monitoring our customers on several specific issues associated to AD – and delivered to them a suite of tools to help manage it:

-          AD Group bloat and under-utilization

  • Many customers indicate that the explosion of groups within their environments continue unabated.  It is not unheard of for a customer to tell me they have a 10-30:1 of groups to users

-          Unable to keep up with day-day AD management tasks

  • Instead of always being fire drills, we’ve implemented a rapid to use, simple to deploy scheduled workflow infrastructure that allows you to search for information within AD or ARS datasets, perform an action and receive notification – all on a scheduled basis.  True to ARS form, this functionality of course is delegatable to other AD admins and can be set to run as them, yours, or ARS Service account to manage its security scope.

-          Fully customizable, fixed function AD Group management system.  Much like Quick Connect last year, we’ve decided to split off the End-User functionality of ARS to a more robust and specific platform – Quest One Identity Manager – Active Directory Edition

  • This change in market approach enables us to:
    • Provide a fixed-function, market specific AD Group Management Service – with a very rich and powerful workflow system
    • Enable customers to completely manage and customize the User Interface that is delivered to their end-users – something that is usually as important as the technology itself.
    • Enable an ability to scale to 100’s of thousands of end users using standard infrastructure such as IIS and MS-SQL – OOTB
    • Deliver to the auditors a fully functional, usable (and most importantly!) ad-hoc reporting and dashboard service so they can manage and monitor group recertifications/attestations – without asking IT for a report/excel/txtfile/export, etc.
    • Enable line of business or resource owners to manage their OWN resource recertifications (if wanted) without having to use IT for engineering
      • We find many customers has distinct and separate lines of business with differing security and audit policies – we enable this self-control and management out of the box!

In addition to managing AD, we have taken a few different approaches to enabling our customers to work better and more efficiently.  In 2011 we separated our builtin data synchronization tool from the ARS product line to give it more focus, more development resources and ultimately – more flexibility for our customers.    Quick Connect is going to expand rapidly this year past its current (and rich) connector set to do more in the cloud, more for ERP and more for webservices.  Stay tuned here on that one – we’ve just finished the roadmaps and I am very excited!

Of course, no new release nowadays would be complete without Windows 2012 Server support – and I am happy to report that we support Windows 2012 Server for operations of the service itself,  Exchange 2012 and MS-SQL Server 2012!

Some other highlights from the release:

  • Automated workflow – Automates manual tasks to reduce errors and speed AD management
  • Simplified clean-up – Simplifies clean-up of AD objects to prepare environment for Windows 2012 and/or cloud integration
  • Interface “look and feel” – Makes working with ARS more intuitive
  • Enhanced Exchange management support – More completely manages your Exchange environment
  • Notification enhancements – Customizes notifications with more data and status information
  • Approval enhancements – Enables delegation, escalations and re-assignments of admin requests
  • Scanning & pruning – Makes it easier to manage Active Directory Group and object bloat
  • Native integration – Integrates with Quest One Identity Manager, Quest One Quick Connect, Office 365, Lync, Quest Authentication Services and Quest Defender

Review the full feature list and/or download the trial here:

http://www.quest.com/activeroles-server/questdrive.aspx

Being more Successful, Agile in Descision making: The Art of the Imperfect Pitch

October 23, 2012 Leave a comment

English: Human brain Polski: Mózg człowieka

English: Human brain Polski: Mózg człowieka (Photo credit: Wikipedia)

A great article I passed a while back and am now removing from my backlog of blogging articles is the concept of being perhaps more agile in presenting ideas or decision points for your management – by Professor Baba Shiv from Standford – http://www.gsb.stanford.edu/news/research/the-art-of-the-imperfect-pitch.html.

The first is: Figure out if the person you’re trying to pitch to is really open to new ideas. If not, find a champion in the upper managerial levels who you think might be. Float your idea to that person first, and then have him or her present it to the target manager

I spent a fair amount of time in consulting and one of the kisses of death for the newbies (and surprisingly some of the more experienced folks as well) was the usually wasteful and unrecognized effort called Gold Plating.  As simple as it reads, Gold Plating your consulting deliverable is demonstrated by padding it with superfluous content, spending an arduous amount of effort on minutiae of formatting, perfect colors, etc.

To be sure, some of these functions of the deliverable matter – financial information must be accurate for a large financial project and color-matching would be very important to a fashion customer.

However, I am sure if you look around you (or in the mirror) sometimes you will see the effects of perfectionism, perhaps a touch of OCD or other mental faculties (I won’t call them disorders) affecting someones work.

After reading the article below, it made me reflect on how I position things for decisions by others.  I had always felt (and sometimes been told) that I was perhaps lacking the attention to very fine detail, or perhaps was a little bit lazy.  Very well may be the case, or I find that I perhaps just focused on the important facets of the conversation, provided only what was needed to support the decisions and focused more on the delivery of the message versus burying them with paper.

The second is: Don’t provide your champion with a polished pitch. Let it be a little bit rough around the edges. This may seem counterintuitive, but having something that leaves room for expansion inspires people to get involved in your vision. Having the “perfect” solution, on the other hand, tends to inspire critique

Consider just yesterday here in Barcelona.  In a meeting with management about a specific business issue, I collaborated with several colleagues to work up a slide deck to present the idea.  It was not perfect – nor was it complete – we hadn’t planned on presenting it this early.  However,

Deliverables

Deliverables (Photo credit: terriem)

instead of spending another 5-40 hours each on chasing market data that may not exist, or doing up pretty graphics that would only be skipped or viewed for 5 seconds – I felt our time was better spent on the conversation and framing the data we had collected to facilitate a decision.  In this case (and most of yours as well), I had no personal agenda nor was I trying to drive to a specific decision – just wanted to come to one jointly with the group – and perhaps that’s what made it easy – I didn’t have to couch the ‘deliverable’ with extraneous information supporting the case.

Anyways – I invite you to read the full, verbose and to the point :) piece below!

Behind all this is scientific research about what makes people tick. Although the human brain is a sophisticated instrument, at its core, it’s nothing but the organ of an animal, prone to instinctive responses. If you really want to succeed at bringing innovation into your company, you need to be aware of how your brain works.

The Art of the Imperfect Pitch | Stanford Graduate School of Business.

Identity and Device Lifecycle Management even more important now…Employee iPads could cause more Microsoft-related costs

October 22, 2012 Leave a comment

Was reading an interesting post here from itbusiness.ca – based on a report from ‘Directions on Microsoft’..

I  hadn’t considered this before – that allowing remote access to your resources for tablet users may have a licensing impact on your business – I have always been a big proponent of managing devices (access and the hardware itself) just as tightly as Identity.

Image representing iPad as depicted in CrunchBase

Image via CrunchBase

I was working on some marketing messaging today for another product line and our conversation was focused on how Cloud is changing the dynamics of where ‘premise’ was.  I know in my past as a network guy – the advent of VPN’s and other RAS services – extended my security perimeter to the coffee shop, the home, the airport, etc.  Complexity was increasing – attack vectors were expanding – and customer demands were increasing.

As the drive for BYOD continues – indeed well over 75% of the customers I speak to on a daily basis have or will have a BYOD policy in place – do keep in mind that they great devices need to be managed just as tightly as Identity.  This means revoking the certificates immediately on a termination action, sending the ‘kill’ command to the device when you deprovision someone, using your provisioning system to retrieve the device itself, etc.

The use cases for these new scenarios are complex – and indeed the workflow components begin to require the involvement of more people – physical premisses folks, RAS folks, building access control, etc.

Have a read of the below article – it brings up some interesting concerns that you may not have addressed as part of your project.

Employee iPads could cause more Microsoft-related costs: analysts

If your business allows employees to bring their own iPads or other tablets to work, then it’s possible you owe Microsoft more money for all your licence agreements.

Employee iPads could cause more Microsoft-related costs: analysts.

What WaaD does for the marketplace

October 16, 2012 Leave a comment

English: Diagram showing three main types of c...

English: Diagram showing three main types of cloud computing (public/external, hybrid, private/internal) (Photo credit: Wikipedia)

yeah – I made up WaaD – just because it seems like the thing to do nowadays – make everything look like SaaS :)  In reality – WaaD is Windows Azure Active Directory.

Anyways, we’ve been working hard on bringing several key stories together for identity – not just simply federation or identity from multiple platforms – but extending the management model into the cloud, half into the cloud and/or all permutations therein :)

There exists myriad deployment methodologies for identity and platforms – and we’re starting to see some interesting approaches towards solving the problems.  As per usual, what I’ll call the greenfield approaches (those that are unencumbered with ‘legacy’ platforms, decisions or architectures), give us an idea of what the future looks like.

I was reading the following article from Matthew Heusser -Bring Your Own Identity Is Here! (Mostly). – Unchartered Waters – and he was covering some of what AD Azure can do for these ‘greenfield’ companies.  Although other providers can act like a single/centralized identity store for other platforms in the cloud – even Facebook could be considered this way *shudder* – I do see a unique opportunity here for cloud services/app providers to utilize AD Azure to further extend the very rich enterprise ecosystem for apps and services.

Yes the cloud is cool, and yes its here to stay.  Yes, everyone is (or will shortly) start using it in some fashion.  However, the ‘enterprise’ services/apps are much, much bigger, deeper and add significantly more to business.

When you combine them, you will have an unbeatable advantage – and this is what we are focused on – bringing the value of ‘enterprise’ and ‘cloud’ together.

Don’t understand the hype about Data Governance?

October 14, 2012 Leave a comment

Our solutions are the problem

Our solutions are the problem (Photo credit: Waleed Alzuhair)

Recently I posted a link to a simple whitepaper that walked through some of the governance solutions for fileservers that we have under our belt.

Today, I wanted to share a report done by one of the leading analyst firms on the aspects of Data Governance as a whole – and its broad impacts to Identity and Access Management – both for the marketplace and customers alike.  Our first release in August was a milestone in our product line – more to come in the nearterm!

Here’s some highlights from @KuppingerCole:

  • “We strongly recommend that you evaluate the solution in the context of Access Governance initiatives and for standalone Data Governance requirements.”
  • “…Quest provides an innovative solution which integrates Access Governance and Data Governance in one solution, with strong functionality on both sides.”
  • “…it is a valuable complement to the existing Quest One Identity Manager as well as an interesting standalone solution for companies which want to start with Data Governance.”

Feel free to download the report free of charge – I think it is interesting reading and gives you a viewpoint into this growing segment of the market – and your auditor will love you for it :)    Download Here –>  http://bit.ly/OaIpSl

Follow

Get every new post delivered to your Inbox.

Join 2,063 other followers