Microsoft To Combine Identity and Security Divisions

Microsoft this week unveiled plans to roll up its Access Security Division and Identity and Access Divisions into a single, unified group, in a move that will take effect at the start of Microsoft's fiscal year on July 1.

The new Identity and Security Division will centralize the development and business groups for all of Microsoft's security and identity products, both consumer and enterprise, and will represent an umbrella for the Forefront portfolio of products, Identity Lifecycle Manager, Rights Management Services, Active Directory and Cardspace.

Ryan Hamlin, general manager of Microsoft's Access and Security Division, will lead the overall development efforts for the combined group, while Douglas Leland, general manager of the Identity and Access Division, will lead the group's worldwide business initiatives.

Microsoft channel partners said the move reflects the increasing overlap between security and identity. "Architecturally, this move makes a lot of sense, because you can't really have security without identity," said Gil Kirkpatrick, chief technical officer at Netpro, a Phoenix-based security and compliance ISV.

The most pressing issues in security today are about controlling access and not about managing identity, according to Kirkpatrick.

"From a security standpoint, you have to be able to identify things that are accessing your system and if they're allowed to have that access," he said.