Where Security and Data Integration Meet


I really don't tend to think of data integration or management as a security issue. Certainly, data security is an issue, but it seems like-and indeed is almost always-treated as something completely separate from integration.


Even when we talk about the cloud, where potentially the integration can be handled outside the domain of your cozy, secure firewall, we talk about security as the No. 1 enterprise concern, followed by integration as No. 2.


Recently, a virtual directory company called Radiant Logic challenged that assumption for me. It started with a PR representative mailing me:

I know you write a lot about data integration, MDM and metadata. I really wanted to introduce you to Radiant Logic, if you're not familiar with them. I know you regularly interview company principals and thought you might want to speak to Dieter Schuller, VP of Business Development. He could talk about Radiant's products and features for identity virtualization and integration.

Identity integration? I wasn't convinced that this wasn't just another term for identity management or single sign-on, and not about integration at all. After all, identity management is a security matter, right? But finally, I decided to learn more and we set up an interview.


It turns out, identity integration has a lot to do with data integration and data management-especially master data management - in this heterogeneous, service-oriented, increasingly virtual ecosystem we call enterprise IT.


At one time, identities were easily segregated into "employee," "vendor," "partner" and "customer." Which data you accessed, which applications you used were based on these hard identities, but no more as companies see the value in exposing some of the same information or applications to customers, employees and partners. Explained Schuller:

It's become an integration issue since these lines have gotten blurred, and it's become an even bigger issue since enterprises have started consuming services through the cloud.

This issue of identity integration also abuts master data management and customer data integration, according to Schuller, who says Radiant's identity solution is often used as a supplementing technology in customer data integration and MDM implementations. Schuller said:

MDM and CDI vendors go though this process of correlating customer data. They store some of that centrally and then some of them even have the ability to reach into the existing silos and pull it. But what they don't do a very good job of is actually giving you the ability to provide very fine-grained access to that data to the application. We get involved in situations where the customer wants to MDM- or CDI-enable their identity infrastructure and make it scale to beyond employees; and we get involved in master data management projects and CDI projects where they have a very strong security requirement.

Identity integration also becomes a key issue during mergers and acquisitions, according to Radiant's recent press release announcing three new products built on its RadiantOne Identity & Context Virtualization Platform.


Maybe it's time some of the more niche MDM and CDI companies - not to mention the data experts on your staff - spent a bit of time talking with the security team. While companies may think of identity management as a security issue - and an increasing number of enterprises are adopting identity and access management (IAM) for that very reason - dealing with identity actually cuts across all IT areas, from applications to data management. And security could learn a thing or two from data integration experts, as Philip Howard of Bloor Research recently pointed out.


Sharing: Your kindergarten teacher tried to tell you it was a valuable life lesson. Isn't it time to put it to work?