Integrated Identity Management for Enterprises Gets More Powerful

Orlando, Fla., June 10, 2008 — Microsoft today unveiled the first public beta version of Identity Lifecycle Manager (ILM) “2” at TechEd 2008. ILM “2,” the codename for the successor to ILM 2007, addresses customer feedback by delivering an integrated identity management (IdM) solution that eases the burden on IT departments and help desks and extends powerful new identity management capabilities to IT professionals, end users and developers.

To learn more about the company’s IdM strategy and the new thinking behind ILM “2,” PressPass spoke with Douglas Leland, general manager of Microsoft’s Identity & Access Business Group.

PressPass: What are you announcing today?

Leland: We’re announcing availability of the first public beta version of our latest Identity Lifecycle Manager product, which we’ve codenamed ILM “2.” This is going to have a huge impact on the identity management marketplace.



Douglas Leland, General Manager, Identity & Access Business Group at Microsoft

It’s the first integrated identity management system that gives identity management tools to audiences beyond the IT department, including powerful self-service capabilities through Microsoft Office for end users and familiar .NET- and WS*-based tools for developers.

PressPass: Why is that important?

Leland: In listening to customers, we’ve learned that IdM solutions on the market today all have one major flaw: they don’t provide end users — the decision makers in most organizations — with the tools or capabilities they need to manage identities and access privileges. Not only does this create extra work for IT organizations and help desks, but it places a level of abstraction between end users who know best what their own data access requirements are, and the IT pros who up until now have had to implement those rules. What this has led to is skyrocketing help desk costs, poor business agility, as well as security and compliance issues.

So what we’ve done with ILM “2” is provide the end users with powerful self-service tools they need to manage their own identities and access privileges. And we’re doing it through Office’s user interface, which end users are familiar and comfortable with, so there’s barely a learning curve. The result is identity management that is more balanced and effective while at the same time accurate and cost effective.

PressPass: If you put more power over permissions in the hands of end users, aren’t you increasing the security risks?

Leland: No, because in addition to empowering the individuals who are drafting the policies and processes to actually put them into practice, we also provide rich administrative tools and enhanced automation for IT professionals, including a central management and enforcement capability, so end users can’t circumvent established enterprise security policies. Also, customers have told us that when you have IT folks trying to implement business policies that they may not fully understand – as is the norm today — that can create security and compliance risks. What ILM “2” does is really change the game as far as identity management goes.

PressPass: What else have you learned from your customers about the IdM market?

Leland: We have learned that our customers are dealing with significant regulatory and corporate compliance needs as well as a greater level of security risks. So being able to determine who in your organization has access — and is accessing — what information is a key capability that must be offered by their identity and access infrastructure in a powerful, yet easy to use, way. ILM “2” has this capability.

Also, we’ve heard a lot about the rising cost of identity and access management, particularly in a world of unconventional business models and outsourced supply chains that may require the selective distribution of information outside the enterprise. Let’s face it: the more broadly information has to be shared, the more difficult keeping that data secure becomes.

PressPass: You mentioned developers earlier as another new audience for ILM “2.” How does ILM “2” help them?

Leland: Until now, corporate and ISV developers were limited in their ability to develop identity-aware applications. So in addition to reducing the burden on IT pros and empowering end-users, ILM “2” offers developers the ability to innovate on top of ILM to address new scenarios. We’ve done a tremendous amount of work to extend ILM “2” to developers with .NET- and WS*-based extensibility capabilities.

PressPass: What separates ILM “2” from competing offerings?

Leland: Among the many things that are unique about ILM “2,” it is the first IdM product that integrates the management of identities, their credentials — including strong authentication tokens such as smart cards — and related access privileges all in one product offering. Additionally the open and extensible architecture allows partners to deliver complementary solutions to manage additional hardware security tokens such as OTP devices and 3rd-party Certificate Authorities. In fact, today those three elements: identity, credential and access management, are often delivered through multiple products and even multiple vendors, so the customer has to acquire separate products and then invest time and money in piecing these point solutions together. So in addition to changing the game, ILM “2” will offer the best TCO in the market.

PressPass: How can customers get the ILM “2” beta?

Leland: Visit http://connect.microsoft.com/ and enter invitation ID ILM2-DXD2-DF32. Alternately, click on See all Connections, and scroll down to Identity Lifecycle Manager “2” Beta 3. Follow the instructions from there to join the beta program and download the Beta 3 bits and documentation.

PressPass: When will the final product be available?

Leland: We anticipate a release to manufacturing (RTM) in the first quarter of 2009.

Related Posts

A New Approach to Enterprise Security

Q&A: Douglas Leland, general manager of Microsoft’s Identity and Security Business Group, outlines Microsoft’s strategy to help enterprise customers secure their information and systems.