I just returned from Oracle OpenWorld in San Francisco. Superlatives don’t really do it justice. There were so many people, so many sessions, and so much information to absorb that it was a bit overwhelming. If one didn’t focus on one’s objectives and agenda it would be very easy to get distracted and squander the opportunity to network and get informed. One of the best comments I heard was, “In past years there was a lot of marketing at Oracle OpenWorld. This is now a truly educational event.” Mission accomplished.
One cannot help but be impressed by the scale of Oracle’s worldwide business and comprehensive suites of technologies. Customers have confidence in Oracle’s ability to invest in products that fulfill the complete range of customer requirements. The companies that Oracle has acquired over the past several years have been best of breed technologies providing functional excellence in their particular space. Individually, these companies delivered high performance solutions targeted at solving particular business problems. The scale of Oracle allows us to integrate these products into a cohesive suite and provide synergistic benefits. Additionally, our adherence to industry standards and partnerships with leading third party organizations, allow us to deliver solutions that analysts recognize as superior to the competition.
The Moscone North keynote hall’s capacity was about ten thousand seats. It was highlighted by a twenty by three hundred foot high-definition media screen on which images continually flashed, presentations were displayed, and community comments scrolled by. The experience was a continual feast for the eyes. In the midst of the hustle and bustle, there was a unique oasis of calm. Before each general keynote address, Zoë Keating (warning: sound on this link) a cello soloist gave a performance that was entrancing, hypnotic, soothing and technically intricate.
When I first walked into the hall and heard the music, I wrongly assumed that Ms. Keating was accompanying a sound track that had been previously recorded elsewhere. In fact, she was using a technique of recording a passage of music and then looping that section over and over while recording more tracks on top of the preceding ones. Her album’s title “One Cello x 16” is fairly self-descriptive of what’s going on.
As I listened, it was very difficult to tell what was live versus the tracks underneath without carefully watching her fingering, plucking, bowing, and sometimes gently striking the instrument. I arrived early to one of the keynotes in order to hear how the music built upon itself in ever-increasing complexity. It was fascinating. If one closed one’s eyes, one would fully expect that there was (at least) a full string quartet on stage. Yet on looking, there was only the solitary figure bowed over the one instrument, coaxing from it the most beautiful sounds.
Listen to this selection from “Legions” on her web site and you’ll get a good – albeit brief – sense for how the melodies and rhythms build one upon the other in layers upon layers.
It was nice to have this relatively peaceful reflective time during the rush of Oracle OpenWorld. It gave me the opportunity to think about lessons learned, common themes and issues with which folks in the identity management communities are wrestling.
In general, I would say that there were three universal threads: 1. Have a plan; 2. Start with a good identity foundation; 3. Gradually build upon the foundation.
Virtually all of the presenters from enterprise organizations emphasized the importance of involving both business management as well as information technology management in the analysis and implementation of identity management systems. I listened to British Telecom, Cisco, National City, Chick-Fil-A, Monster, Mitre Corporation, and others who clearly stated that an identity management deployment must be a partnership effort between technologists and business people. The business people understand the functionality and governance issues that need to be addressed, while the technology folks understand the security and infrastructure requirements to make it happen.
The second common theme among these successful organizations was that they all made sure that their foundation for identity management was solid. By this I mean that they had made and implemented the critical infrastructure decisions regarding issues like whether to consolidate or leave alone multiple identity stores. In the relatively rare case where they planned to consolidate, they made the necessary forward-looking decisions regarding the definition and design of identity attributes before they simply replicated the pre-existing state of affairs. In the more usual case where organizations implemented Virtual Directory technology to create a common interface into their identity stores, they clearly understood how this design would support their access control implementations for which the system was designed.
More than once during the week I heard the admonishment of “don’t boil the ocean.” This was repeated both by customers as well as Oracle product managers with the experience of literally hundreds of successful implementations around the world. This means that a well-planned project should be executed in phases where success builds upon success. Identity management is not a simple concept and it has significant implications for both business and technology sides of the house. Taking a step-by-step approach, where each chunk of the project is thought out, planned, and incrementally implemented assures success building upon success layer by layer.
Odds and ends:
· Overheard on the airport shuttle: “Spammers are getting more sophisticated all the time. They entice you to click on the attachment and then, BOOM! You’re pfished.”
· Conversation with a seatmate on the Oracle OpenWorld shuttle bus when she said: “I found someone’s log-on credentials under a demo station. I had taken an ethical hacking class so I didn’t look at it and turned it into the booth receptionist.”
· Greenfield Opportunity: I had a conversation with a government agency during which they made it clear that they are in the process of completely re-architecting their identity management systems. Effectively, they are starting from scratch, redesigning identity repositories, creating proper access control, role management, and bridging to external partners and other government agencies via strong authentication and federation technologies. I’ll be speaking more with them over the coming months and am looking forward to the continued dialogue.
· Identity Scam: I was rushing along back to the Moscone from a customer session when a fellow appeared at my elbow fast-talking about no place to stay, lost luggage, needing cash and holding up an Alaskan drivers license as proof of identity. After giving him a few dollars and walking on, I realized that he had kept his finger covering the face on the license each time he held it up for me to see. Spoils one’s charitable instincts and emphasizes the need for multi-factor authentication even in mundane transactions.
· TSA screener at SFO after looking at my ID: “Hey, it’s almost your birthday. Congratulations.” Nice to know that they are paying attention.
