[LINK] 'Telstra deploys single sign-on for [400] staff'

Frank O'Connor francisoconnor3 at bigpond.com
Thu Jul 28 19:45:37 AEST 2011


In theory it should work …

In practice the directory structures are way complex, policy administration, groups administration and the like is a heap of work. Add in the fact that people in entities tend to transcend groups/structures, that administrative structures are really fluid, and that people move from one role to another with monotonous regularity and it all gets too hard.

Then factor in Murphy … and bad things happen very easily.

Personally I liked the idea of single sign-on facilitated by sophisticated directory services … but as you said, the successes are far and few between (and not helped by an abundance of incompatible 'standards' espoused by vendors, and the propensity of vendors to sell their own product … be it a database, a directory services platform or whatever … rather than the best for purpose.)

Single sign on … a fairy tale, unless you work in an organisation of less than a few hundred people … and even then if it can go wrong it will go wrong.

On 28/07/2011, at 5:02 PM, Roger Clarke wrote:

> [And people don't like it when I point to the low levels of success 
> achieved with the single sign-on notion over the last, what, 20? 
> years??
> 
> [I especially like the title of this particular article:
> SINGLE SIGN-ON NEARS REALITY - V McCarthy - InfoWorld, 1994]
> 
> Telstra deploys single sign-on for staff
> ITNews
> By James Hutchinson on Jul 28, 2011 12:21 PM (4 hours ago)
> http://www.itnews.com.au/News/265048,telstra-deploys-single-sign-on-for-staff.aspx
> 
> Telstra has completed roll-out of single sign-on infrastructure for 
> 400 staff at its global operations centre in Melbourne.
> 
> The deployment, based on IBM's TAM ESSO 8 software, involved 714 
> desktop PCs at the operations centre and was estimated to yield up to 
> $1.5 million in productivity savings per year.
> 
> It would automate login processes for up to 230 applications required 
> by staff at the centre which oversees critical network services and 
> other Telstra operations.
> 
> Surveillance staff previously signed on to at least 20 applications 
> individually at the beginning of each shift. Most of those 
> applications required unique passwords and often usernames.
> 
> Staff had taken to storing passwords on spreadsheets, notebooks, 
> printed sheets of paper and post-it notes, among others, to remember 
> individual login credentials.
> 
> "We were breaking every security IT policy," said Telstra support 
> engineer, Herman Recinos.
> 
> Password resets for individual applications often took between 24 and 
> 48 hours for staff.
> 
> Staff had also called for the replacement of a previous attempt at 
> single sign-on, TAM ESSO version 6, which often corrupted credentials 
> and would not refresh any changed passwords.
> 
> Staff who hot-desked between computers and shifts were often unable 
> to properly login to one or multiple computers and applications 
> simultaneously.
> The single sign-on capability was deployed across all desktops in the 
> surveillance room of the centre "overnight", according to Recinos. It 
> was used across two servers running Windows 2003 virtual machines and 
> housed in separate Telstra exchanges for redundancy.
> 
> The deployment had been made relatively cleanly though IBM consultant 
> Robert Trotter conceded that, at one point, the software rollout 
> prompted the giant, NASA-like monitoring screen housed within the 
> centre to reset.
> 
> Rival telco Optus had also recently deployed a self-service password 
> management system in an attempt to reduce productivity and helpdesk 
> costs by up to $300,000 per year.
> 
> James Hutchinson attended the Pulse 2011 Conference as a guest of IBM.
> 
> 
> -- 
> Roger Clarke                                 http://www.rogerclarke.com/
> 			            
> Xamax Consultancy Pty Ltd      78 Sidaway St, Chapman ACT 2611 AUSTRALIA
>                    Tel: +61 2 6288 1472, and 6288 6916
> mailto:Roger.Clarke at xamax.com.au                http://www.xamax.com.au/
> 
> Visiting Professor in the Cyberspace Law & Policy Centre      Uni of NSW
> Visiting Professor in Computer Science    Australian National University
> _______________________________________________
> Link mailing list
> Link at mailman.anu.edu.au
> http://mailman.anu.edu.au/mailman/listinfo/link





More information about the Link mailing list