Wednesday, July 8, 2009

Risk - ignore, accept, mitigate, insure

Tivoli security professionals are pretty much in the Risk Mitigation business. Any organization that holds identity information in-house on employees, customers, or partners will at some point address the risk of losing this information. And subsequently they will ask:

"What's the chance of losing that information?"
"What's the cost to us if that information gets lost?"
"What should we do about it?"

The answers are undoubtedly: ignore the risk, accept the risk, mitigate the risk, or just buy some extra insurance.

Organizations large and small are thinking about how important it is to deprovision accounts that are no longer needed. Doing this via e-mail is not going to work well. This is one main reason Identity Management systems exist.

These latest security breaches illustrate the headaches organizations face when they fail to ensure that former employees' access to their IT systems is removed:

http://datalossdb.org/incidents/2152-unauthorized-access-by-a-former-employee-exposes-names-addresses-and-social-security-numbers-of-past-and-present-employees

And this one, by an American Express employee, was even more brazen. Holy crap, $1 million. This guy had a good job watching over the systems that hold data for many of us. I'm not sure how you prove that a laptop which is reported stolen wasn't really stolen. This dude should go to jail for a long time.

http://www.kpho.com/money/19936013/detail.html

Why hire consultants?

I have always thought of myself as a consultant. Perhaps I'm just a people pleaser, not to the extreme that I'm compulsive or anything, but that I genuinely like to help others. I can recall the days when DOS 5 was a huge deal. I was networking computers using ArcNet, LANTastic and Novell 3. A 386 DX2/66 with 4MB of RAM was smoke'n fast.

I recall some of the best advice I got from a guy named John Posey (John, if you're still out there, thanks for all your help). He said, "Chuck, run out and buy yourself a DOS book." The past mystery of my Commodore 64 seemed silly once I read that DOS book. It was clear to me then that if one could read, one could do this technology stuff. Oh, how things have gotten so complicated.

So, why should you hire consultants?

1.) Well, look, I understand all you geeks out there who are highly skilled can certainly figure all this stuff out yourselves. Like I just said, if you can read, you'll get there eventually. But the bottom line is there just isn't time for everyone to know everything. Take TIM, TAMeB, TFIM, TAM ESSO, TCIM, TSOM, and the rest of the Tivoli Security products. If you want to implement any one of these or some of them, you can certainly buy the software, read the manuals and go for it. The fact is, though, it doesn't always work like the manual says. So you may have to do it a few times until it's right. And that's OK. But businesses today are more concerned with ensuring that the technology is solving business needs. They are not necessarily interested in making you an expert at installing Tivoli software. That perhaps is better left to consultants.

2.) Good consultants are in this game because they like to help people. At least that's the experience I have seen with the colleagues I work with. And the objective is to enable customers to be self-sufficient in steady-state maintainability of the products and solutions.

3.) We really have seen many use cases, configurations and different applications of these software products, so you can save a ton of time in the planning phases of your projects by using consultants.

4.) Consultants in the security business have a lot of friends doing the same thing, which can help in getting the right skills on the job. Solutions using enterprise software like Tivoli will often require many different skills. There will rarely be one guy/gal who can do it all. Although I've worked with some amazingly bright people in this business, there are usually multiple people involved in average Identity Management projects. Utilizing a good consulting group will help you succeed. For Tivoli, an IBM Business Partner is key for a couple of reasons:
a.) IBM Business Partners have unique relationships with IBM, which helps to deliver solutions most cost effectively.
b.) IBM Business Partners can bring versatile project management skills to your project, which may involve IBM and non-IBM products and solutions.
c.) IBM Business Partners can bring low-cost resources into your project as well as subcontracted IBM resources, which helps to drive down the cost of your project while maintaining a strong IBM presence in the success of the project.
d.) IBM Business Partners have a vested interest in seeing the IBM solution succeed.

5.) Good consultants will pass on their experience and knowledge to you. I tend to share as much as I know because I believe in educating people, and I will also learn some new things. Every good project should have some time dedicated to knowledge transfer, but even when that dedicated time is not there, you will still learn a lot from a good consultant.

6.) Consultants save you time and money in the long run. Let's face it, time is money. If a project is being managed properly, there will be some realistic goals and objectives. If the goal is, say, "6 months from now we will have xyz product installed and configured," and you already have a full-time job, then how likely will you meet that goal? Hire the consultant and get the job done.