Top
Navigation
The Black Book of Identity Access Mgmt
This form does not yet contain any fields.
    « ID thieves don't take holidays | Main | Step away from the security policy, sir »
    Monday
    Sep062010

    And nothing BUT the truth

    DateMonday, September 6, 2010 at 12:51AM

    When I published my last novel (www.houseofhush.com), even people who liked the damn thing commented, “You’ve got all these strange characters gathered in one place. Is that realistic?” To which I replied, “It’s based on a real place, where the people were even stranger than my characters. If anything, I downplayed the strangeness.” Which was absolutely true. Reality is often stranger than fiction. An Olympic skater’s boyfriend hires goons to hit another skater in the knee, then the first skater ends up on a celebrity boxing show where she kicks the snot out of a woman who got famous for accusing the US president of sexual harassment. Who can make that crap up?

    In my recent masterpiece about identity and access (available from McGraw-Hill) , I have a whole lot of little grey boxes that pop up here and there, with stories from my experiences in the identity and access world. These are labeled as “true stories.”  I’ve had a few people ask me, “Are these really all true?” And in fact they are. I mixed up a couple of things, to save some folks some embarrassment, and in one case, I changed one tiny fact because the truth was more disgusting than what I printed.

    One of the sadder ones was about the guys who got fired for being too-early adopters of a product that turned out to be a good one, but which at the time was not. I remember the day I was pumping gas into my Nova, and receiving a call from one of those guys, who was literally crying, thinking he would be canned any day. I had told this particular customer “don’t be the first kids on your block” to own this thing. But they were. In fact, they did just about everything you can possibly do wrong in running their project, and buying a 1.0 of a new directory was the final nail.

    (There are actually LOTS of ways to muck up an IAM project, and here are my top ten.)

    But one of my favorite true stories in the book is about an old employer of mine, where, because of badly written software and terrible QA processes, they sent out a bunch of letters to people who were too dead to read them, and all the letters were essentially addressed to

    Mr. John Q. PublicDeceased

    The old saying goes, comedy equals tragedy plus time. It’s only funny now, two decades later.

    So here’s my point for today: whatever you build, TEST IT. Run it through a few paces first. Beat it up, before it beats YOU up. These aren't just simple use cases, where you want to make sure two numbers add up properly to a third. These are identities, and they're not just data to hold and process, they are precious to their owners. You're just the caretaker. TEST, then test again.

     

    AuthorJeff the IAM Guy | Comment1 Comment |

    PrintView Printer Friendly Version

    EmailEmail Article to Friend

    Reader Comments (1)

    You should write another book !

    December 16, 2011 | Unregistered CommenterDoug

    PostPost a New Comment

    Enter your information below to add a new comment.

    My response is on my own website »
    Author Email (optional):
    Author URL (optional):
    Post:
     
    Some HTML allowed: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <code> <em> <i> <strike> <strong>

    Notify me of follow-up comments via email.