It's 1985 and I'm sitting down at my first day at work (yep, I'm that old!), at ICL (anyone remember them?). What's the first thing I have to do? Login of course. With a Login ID. At the time I didn't pay much attention to this as being part of Identity Management, but of course we all now understand that my login ID was a part of my Identity, albeit a small part.

Today, with increasing threats, compliance regulations and the desire to reduce costs, Identity Management has spread its wings to cover all sorts of areas of IT - internal and external authentication, control of access to systems, applications (and their modules) and data, auditing, role based and context based access and single (or simplified) sign on.

Since 1985, I have learnt a great deal about Identity Management, starting with that lowly ICL Login ID and moving through things such as the Novell bindery, Microsoft domains, name services, directories, identity synchronisation, single sign on, portal customisation, application delivery, and federated identity.

With that variety where do you now start? My answer to this is always this - where you will gain the most business benefit. That may sound flippant, but it helps guide how any identity management programmes of work should be approached. Let me explain - a few years ago I presented in a roadshow in the UK for one of the leading Identity Management vendors. There was one slide that I kept being asked about afterwards. It was a simple slide with a question, an answer and two pictures; there was a picture of the ocean, and one of a saucepan boiling some water. The question was "How do boil an ocean?" The answer - "One pan at a time."

The links on the left of this page will take you to short articles which I hope will demonstrate that Identity Management is a large ocean of issues that are to be addressed, but by taking them one pan at a time, the whole thing can be boiled.