IBM Taps Into Identity Management Issues

Arvind Krishna, vice president of security and provisioning at IBM, said the Armonk, N.Y.-based vendor wants to have 300 to 500 people trained on the deployment of identity management solutions at partner organizations by the end of 2004.

To that end, the company is spending over $5 million on training and other incentives to foster interest in the technology among solution providers and has 10 people dedicated to building a channel around the category, Krishna said.

Thus far, IBM has signed solution providers Blue World, Cap Gemini, Deloitte and Touche, ePresence, iRise, SecureIT and Unisys. IBM sees 100 identity management deals a year involving third-party partners, and Krishna said he expects that number to reach 150 to 200 deals by the end of the year.

But one issue that has held this segment of the industry back is that it has been identified too much with security technology, while it is really a networking issue.

Krishna said IBM is trying to recast it as such. The vendor is therefore trying to connect the technology more with application management and business-process integration initiatives.

"The truth of the matter is that people with titles such as chief security officer or chief privacy officer are not the budget holders," Krishna said. "We see them more as influencers."

As a result, Krishna said that IBM wants to make identity management a more visible issue among the application development community.

Max Ford, a principal at Deloite and Touche, Detroit, said identity management plays a role across multiple IT disciplines. "ID management is a combination of network management and security. It has to be a part of both," he said. "We're always in the process of advising our clients where [their] ID management process should fall. When it comes down to it, they put the actual day-to-day function of managing this environment in an operational capacity."

Industry analysts note that IBM's suite play may have a longer sales cycle than its competitors' suites, due to its focus on application development as compared with others' best-of-breed approaches.

"The IBM approach has a much longer type of sales cycle and is intricately tied with the security folks and involves more people, but would ultimately be perceived as a strategic 'fabric' to build your applications on over time," said Earl Perkins, vice president of Security and Risk Strategies for the META Group.

Perkins added however that this approach may be a long shot for many solution providers, many of whom may prefer to wait for a critical mass of Web services development work to create the requirement for identity management products.

Nevertheless, some solution providers remain optimistic that identity management has plenty of long-term potential.

"When real big guys make major investments in the space, it has a chance to be real," said Scott Silk, senior vice president and general manager at ePresence, a Westboro, Mass-based consulting firm and IBM partner that specializes in this category. "Big guys don't make investments in a space until they see the whites of customers' eyes and see that customers are willing to spend some money on this stuff."