The new museum, designed by the Richard Meier architect is quite charming: I like its pristine structure that is full of light, but what really touched me was the Bruno Munari exhibition.
In fact Munari’s works and his attitude of whimsy and sheer inventive imagination were actually venerated by me when I was a kid.
From the catalog:
“Munari’s life (1907-1998) and career spanned the 20th century, and he was among the most seminal exponents of Italian design and graphic design. Yet he never received the accolades and recognition on an international scale that he so richly deserved. What sets Munari apart from other designers is that he engaged in a quiet, playful revolution, inventing and designing with humorous and modest creativity, challenging all conventions and stereotypes intelligently but without flamboyance.”But let me tell you why I’m speaking of Bruno Munari in this blog.
Walking along the exhibit set course, I noticed some of Munari’s sentences on the walls, and among them one in particular attracted some attention:
“Progresso è quando si semplifica, non quando si complica”
“Progress is when things get simpler, not more complicated”
“Progress is when things get simpler, not more complicated”
I like to use quotes to mix things up: in this case Bruno Munari reminds me of the aggregation (and/or acquisition) processes currently taking place in the Identity Management space.
We, as all vendors, are supporting our customers move from automating infrastructure procedures (that is meta-directory services, basic identity administration and access management) to enabling business processes, towards the satisfaction of the new requirements for Governance, Risk and Compliance (GRC).
Thus most vendors started down that path of adding new features, and new modules; often with the shortcut of specialized company acquisitions.
And the result is. ......Yes, for sure we are allowed to check the coarse grain Role checkbox in RFP's, and if the prospect asks for a POC we can always mask the mess, ..... and in parallel: let’s pump cosmetic marketing campaigns.
So if the product isn’t built, since the beginning, around a data model that is able to natively manage all processes linked to identity, role life cycles and access governance, just two alternatives are available:
- Rewriting from scratch the product around a coherent and complete data model;
- Try immediately to trim the fat, hide the complexity and hope that the discrepancy that exists will definitely be decreased in the next releases and beyond…
Is it possible to really integrate an Identity Management solution with an Advanced Role Management solution? And what are the risks associated with this two-headed architecture?
I will write more about this in the next post and try to explain our idea of integrated solution that is able to natively support all the needed features in a scenario, where Advanced Role Management capabilities together with strong Authorization Management is gaining momentum