Clean data is happy data

Virtualizing directories can help administrators use multiple sources of identity data more effectively, but the virtual directory is only as good as the directories it relies on. And often, that is not very good.

'In most cases, the data is as dirty as a pig pen,' said Dieter Schuller, vice president of business development at Radiant Logic, which makes the RadiantOne Virtual Directory.

In addition to being accurate, identity data must be presented to the virtualizing engine in a way that lets it understand, for example, the relationship between Richard Smith and Dick Smith.

'The application is not difficult,' said Bill Claycomb, who uses RadiantOne as head of user account provisioning at Sandia National Laboratories. 'The tricky part is understanding how the data relate to each other.' The virtual directory can be made to look like any directory the user is familiar with, making it easy to use. 'But it was challenging to put the data together in the right way and to be sure that we were showing the data we wanted to show,' he said.

As with many other technologies, the virtual directory does not eliminate the need for work.

'There is no magic here,' Schuller said. Cleaning up the roles and identities in multiple data sources requires defining business rules to identify multiple presences in directories and establish correct links between multiple directories. And keeping the directories clean and up-to-date is not a one-time job but an ongoing process.

About the Author

William Jackson is freelance writer and the author of the CyberEye blog.

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above