In the 1990s, implementing identity management was the IT equivalent of entering quicksand.
Projects took years, requiring process changes, custom integration, and organizational buy-in.
Many companies underestimated the time, cost, and effort to get identity right resulting in a number of highly publicized project failures.
Over time, enterprises developed a much more rational approach to identity management. Rather than take on yet another "boil the ocean" IT initiative, large organizations eschewed big projects in favor of a more piecemeal approach, implementing high-value products in areas such as user provisioning, Web access, or central management.
This buying behavior led to an inevitable cycle on the supply side. First, VCs threw money at identity start-ups like Netegrity, Oblix, and Thor that offered niche products. The start-ups then went to market where the best products, and execution won out. Finally, established leaders were gobbled up in an acquisition binge. CA grabbed Netegrity; Oracle bought Oblix and Thor; Sun Microsystems acquired Waveset Technologies. Pretty soon, there were a few large vendors offering identity management suites.
As we fade into the sunset of 2007, there is still plenty of upside in the identity management space. And as always in the tech industry, history is repeating itself. Many of the hottest identity management firms are venture-backed start-ups that have carved out a niche and are now executing in the field. For example:
Aveksa and Sailpoint deliver products to manage identity governance and role management. This is a new requirement driven by GLBA, HIPAA, PCI DSS, and Sarbanes-Oxley. These two companies provide specialized tools that help companies map users and roles to compliance mandates.
Imprivata provides a network-based appliance that simplifies single sign-on , and authentication management and also marries physical and electronic identity. This is a great example of a simple solution to a complex problem.
Identity Engines saw identity-based networking on the horizon, so it introduced a new-age Radius server to accommodate the burgeoning requirements for policy management and massive scale.
Chosen Security believed that growing demand for PKI would be a mismatch for technical complexity. As a result, it has a PKI service offering.
Centrify takes advantage of pervasive Windows infrastructure by offering a middleware bridge that lets large organizations manage Linux and Unix users through Active Directory.
None of these companies will grow up to be the next Microsoft, but I believe all of them offer products that users value. That's a recipe for success as I see it.
I know what you are thinking: The next step is more industry consolidation. Yup, it is already happening. Cisco Systems' purchase of "fine-grained access control" start-up Securent comes to mind. Look for more identity specialization and more M&A activity, after the ball drops on New Year's Eve.
A recent Associated Press article on Lompoc, Calif.'s public broadband project was a key topic at this week's MuniWireless New England.
The AP article , which was run by many newspapers around the country, used that town project's failures as an example of how municipal Wi-Fi is wasting taxpayer dollars. The article said that "many cities are finding their Wi-Fi projects costing more and drawing less interest than expected, leading to worries that a number will fail, resulting in millions of dollars in wasted tax dollars or grants when there had been roads to build and crime to fight."
"The entire article was premised on the Lompoc, Calif., network. It was a delayer, that's true and that number of people who had signed up for service was disappointing. But he never mentioned St. Cloud, Fla., which is free and 77 percent of the households have signed up," said Esme Vos, the founder of MuniWireless.
Municipal broadband is the building of a public broadband infrastructure that can be used as a platform to offer things like free public Wi-Fi in city spaces.
But free Wi-Fi paid for by taxpayer dollars and subscriptions to residential service is not its only use or business model.
"The wireless IPs come in and cities become an anchor tenant," said Angela Singhal Whiteford, director of municipal solutions for Nortel, explaining the different models the company has worked with. "Or they can do advertising for about $1-$4 per subscriber. That alone will shoot payback in about 6 months. They can integrate applications and use that as a business model. already went to utilities in the area and negotiated the pole rights. For the city, that's great," she said.
Public broadband infrastructure can be used to host applications for managing municipal services like surveillance, meter reading, controlling traffic lights, and administering databases, media and proprietary communications systems for police, firefighters, first responders and municipal workers. It can be used to offer things like VoIP for residents.
When it comes to funding, several different models are being tested. Some are funded by offering residents paid-for-use broadband in the home through third-party vendors, but that is not the only way.
Other cities, like Providence, R.I., paid for its public broadband infrastructure through federal public safety grants since it is using the broadband for a proprietary police network. The Department of Agriculture is offering grants for rural towns. Other towns are getting local businesses, which want to bring in better broadband for themselves, to foot the bill for the town. Candace Lombardi is a staff writer at CNET News.com
Photobucket , the massive image-sharing site that was acquired by News Corp. last year, announced Tuesday the debut of its mobile Web site.
On the new site, now live at m.photobucket.com , members of the photo-sharing site can browse their own photos as well as public images, upload photos to the site from their mobile devices, and access a limited home page. In the future, the company has said, Photobucket Mobile will expand to allow video functionality as well as options to embed photos in social-networking profiles.
A statement from Photobucket cited that demand for mobile photo-sharing access is high. According to an internal survey by Fox Interactive Media, the News Corp. division that runs Photobucket, 80 percent of users who responded to the survey own camera phones, 36 percent use the camera every day, and 52 percent access the mobile Web on their handsets.
Not to mention the fact that some other popular image-sharing sites, like the Yahoo-owned Flickr , already run mobile Web sites, as do social-networking sites like Facebook that have photo-sharing features; Photobucket needed to catch up with the competition.
And if cell phones are too small for your taste, Photobucket has a deal with TiVo so that you can access your online albums on your nice big HDTV.
One of the country's most important terrorism databases is on the verge of failure after suffering from gross mismanagement and technical design flaws that went ignored for months, a congressional investigation found.
A congressional committee on Thursday called for an investigation into a program called "Railhead," which was supposed to upgrade the National Counterterrorism Center's integrated terrorist intelligence database, called Terrorist Identities Datamart Environment . The database serves the United States' 16 separate intelligence agencies, and as of January, contained more than 500,000 names , according to the NCTC. The program has cost an estimated $500 million.
Railhead was also meant to improve TIDE Online, an unclassified version of the TIDE database, and NCTC Online, a classified database of terrorist information and intelligence reports available to counterterrorism analysts.
However, officials at the NCTC began making drastic changes to the Railhead program in recent weeks, according to the House Science and Technology Committee, including laying off hundreds of private contractors working on the program. The number of contractors has shrunk from more than 800 to just a few dozen. The state of the program is now in jeopardy.
Representative Brad Miller, chairman of the House Science and Technology Committee's Investigations and Oversight Subcommittee, sent a letter Thursday to the Inspector General of the Office of the Director of National Intelligence requesting an investigation into Railhead's near-collapse.
"Potentially hundreds of millions of dollars have been wasted, delivery schedules have slipped, contractor employees have been laid off," he wrote. "The end result is a current IT system used to identify terrorist threats that has been crippled by technical flaws and a new system that if actually deployed will leave our country more vulnerable than the existing yet flawed system in operation today."
Miller noted the problems with TIDE and Railhead stem from "fundamental design flaws," namely their reliance on Structured Query Language to search the database. SQL is a computer code that uses sentence structures to conduct queries, as opposed to using text-based searches, like search engines such as Google do.
Due to faulty searches, tens of thousands of CIA messages to the NCTC have not been properly processed or reviewed, or may not have even reached the TIDE database.
On top of that, the TIDE database has reportedly crashed several times in recent months, delaying the delivery of updated terrorist intelligence data to the FBI's Terrorist Screening Center.
While TIDE already has problems, Railhead appears to just exacerbate them: The Railhead initiative would significantly downgrade the NCTC Online's capabilities by preventing access to any intelligence community Web sites or data resources, such as sites for the CIA, DIA, or FBI.
The project is not only flawed but also behind schedule. Thirty-four of Railhead's 72 "action items" are past due, and two are behind schedule. Ten more tasks--five of them costing more than $92 million--are "significantly off-task."
Unnamed sources involved with the Railhead project also told Congress that some of the project's deals with private contractors were inappropriate. A memo produced by congressional staff cites sources who allege that SRI International's involvement in the project created a conflict of interest because SRI program director Earl Lyberger has close ties to Railhead's program manager Dirk Rankin.
Additionally, the staff's sources allege that the government misused funds by spending nearly $200 million to retrofit a building in Herndon, Va., belonging to one of the project's main contractors, Boeing.
Representatives from Boeing and SRI did not respond to requests for comments.
Miller noted in his request for an investigation into the program that there may be efforts under way to close down Railhead completely.
TiVo's midyear report card is in, and the numbers are better than most analysts expected.
The results aren't fabulous, but anything's better than the $17.7 million loss a year ago. In the second quarter of this year, the maker of digital video recorders earned revenues of $65.2 million, eking out a profit of $2.9 million, good for 3 cents per share for investors. Analysts had been anticipating revenues between $54 million and 59.3 million, a loss of 2 cents per share.
TiVo recorded lower services revenues this quarter than a year ago, but it did make more money on hardware, to bring up its revenue 4 percent to $65.2 million. The company continued to lose subscribers this quarter, as a result of DirecTV's earlier decision to stop offering TiVo and sell its own DVR system instead.
Other distribution deals, including the partnership with Comcast , are still in the early stages, according to TiVo. The company added just 36,000 new customers in the second quarter, while losing 78,000 subscribers, bringing the current total to 3.6 million.
TiVo stock was down 37 cents to $7.59 in after-hours trading.
If consumers and businesses are going to be convinced to switch to solid-state drives over hard disks, it's going to take something more compelling than 16GB.
On Wednesday, Hewlett-Packard will introduce a new version of its Compaq DC7800 series desktop PC. The product line was initially introduced last September, but now has an option of adding a 16GB solid-state drive from SanDisk.
Sure, fewer moving parts when storing data is more reliable and saves power, but when an audience is conditioned to expect 80GB minimum in a desktop, 16GB appears a bit puny. The software image--a load of software that includes the Windows Vista operating system and other software that corporate customers use--takes up roughly half of the available space, or 8GB, leaving the other 8GB for productivity apps like Microsoft Office and storage.
"This is not a mainstream product," said Kirk Godkin, HP's senior product manager for business PCs. The option is aimed at commercial customers, like those in the hospitality industry, who have limited space and run a single application repeatedly. Godkin said he believes SSD in desktops won't be mainstream until at least 2010. Eventually HP will move to a 32GB and perhaps even a 64GB SSD, he said, but did not give a specific target date.
The biggest reason is cost. Right now solid state is more expensive than a hard disk drive --a 16GB SSD costs about $300, compared with $120 for an 80GB HDD, Godkin said.
Solid-state drives in desktops are new. The option for a solid-state drive in notebook PCs is still relatively rare, and is usually reserved for a PC maker's higher-end mobility products. Some hard drive makers, like Seagate and Samsung, are beginning to offer hybrid drives for notebooks, which combine the use of flash memory chips with a hard disk, but even those have been slow in gaining any sort of mass appeal among the top PC makers.
Online free speech issues have made many headlines of late, from China to MySpace. But one area that hasn't been discussed as much lately is online activity by terrorists.
USA Today reported this week that Al-Qaeda supporters are using Orkut , "a popular, worldwide Internet service owned by Google, to rally support for Osama bin Laden, share videos and Web links promoting terrorism and recruit non-Arabic-speaking Westerners, according to terrorism experts and a survey of the sites."
Although it's difficult to imagine that a terrorist organization would outline its next attack on the Web, the site could still become a test case at the legal intersection of free speech, national security and jurisdictional boundaries in cyberspace.
Blog community response:
"People chat and whinge and threaten and gossip in online communities the same way they do in real life--more so, in fact, as retribution is less likely. The 'Osama' community has at most 2,000 members, out of perhaps 13 million in the Orkut community. That's not many anti-Americans when you think about it!" -- Laurel Papworth
"The First Amendment doesn't apply to Al-Qaeda sympathizers if they are located outside the U.S. or are more importantly non-U.S. citizens. If they are located within the U.S., then Google would be powering terrorism on our own soil. Basically, there is no legitimate reason for Google to allow such content on Orkut." -- Technosight
"Google's social networking tool is the current actor in the ongoing drama of terrorism online. The article is uneven tonally. It likes to use 'community' in scare-quotes. There's the classic haunted internet emphasis on the corruption of children." -- Infocult