U-Blog 5

This is article found on nytimes.com

Here is the response, When was the last time Microsoft came up with something really helpful for the end users.
This company seems to be drifting further and further away from what the users want and closer to what the share holders want.
That said, cloud computing has a cloud over it when we speak of privacy and no matter how much technology is poured into it to ensure the privacy and integrity in the cloud, there will be greed and other human factors playing a role.
Cloud for the end users is a ticking privacy bomb and much worse than that for corporate users. The days of Cloud scam are not far off.

Microsoft and the Corporate Identity Crisis

By SAUL HANSELL

Do the people who run computers for big companies have an identity crisis? That was the impression I got after spending an hour Wednesday with Bob Muglia, the president of Microsoft’s server and tool business.

The hottest topic among the sort of corporate computing types that Mr. Muglia hangs out with is “cloud computing” — new ways to assign tasks to big data centers, many of which could be owned by independent companies, like Google or Amazon.com. Last month, Steve Ballmer, Microsoft’s chief executive drew me a picture of the company’s approach to cloud computing and its new Azure software. So I didn’t spend a lot more time on that with Mr. Muglia.

Instead, we talked about the problems faced by corporations trying to keep track of who is (and isn’t) authorized to use their computers.

One approach to improving verification is federated identity, where different companies can share information about people who are authorized to use their computer systems.

Consider Microsoft’s own employee benefit programs, he said. Right now workers set up one user name and password to connect to their 401(k) accounts at Fidelity, another for Smith Barney to link to the employee stock program, and still more for various other vendors. None of those accounts is related to the identity they maintain with Microsoft’s own computers.

“I have all of these separate identities,” Mr. Muglia said. “None of those are particularly good things. It would be better if I had my identity at Microsoft.com and all the identity would federate.”

With federated identity, Microsoft employees could log onto each site with their corporate user name and the Microsoft computer would be able to vouch for them.

Federated identity is also hot among consumer facing Web sites, by way of programs like Facebook Connect and the OpenID standard.

Mr. Muglia said that the Azure system, set to be introduced by the end of the year, will make similar services easy for corporations. This is a change for Microsoft, which originally planned to build its own system to validate the identity of all of the people using anything built with Azure and in the process create a gigantic directory of computer users.

“We thought there would be a central repository of identities that one company would own,” he said. “Now we realize that it is more likely that identity will be maintained by every organization somebody belongs to.”

For companies that want to handle this themselves, an upcoming addition to Windows Server will have similar features. (That software, known as Identity Lifecycle Manager 2.0, originally announced in 2008, has recently been delayed to 2010.) The new software is also meant to make it easier for companies to assign and change passwords for their users. It turns out that resetting passwords is one of the biggest expenses for corporate help desks, Mr. Muglia said.

Another persistent issue is making sure that traveling executives can get access to information they need without exposing companies to the risk of hackers and snoops. Mr. Muglia described a shift to “user-centric computing,” which would tie what someone can do to their identity, not the device they are using.

The good news, for worker bees who just want to get things done, is that it may be easier to log into any computer and find your stuff. The bad news is that the tools Mr. Muglia is building will give corporate overlords a way to take control of smartphones and impose their pesky rules on them.

“I want to access a broad set of devices,” said Mr. Muglia, assuming the identity of the typical corporate road warrior. “And I.T. wants to protect all of them.”

One development that may win Mr. Muglia more friends among the road warrier tribes is called Direct Access, which is built into the upcoming Windows 7 operating system and the next update to Windows Server. It uses a better way to identify corporate laptops, based on the slowly emerging standard, called IPv6, that changes how all the computers on the Internet find each other.

Right now, most companies require workers to use virtual private network software that identifies the user and encrypts the communication between the laptop and the corporate computer. Using Direct Access, users will find that whenever they hook a laptop up to the Internet, it will be as if they are connected inside their company’s building. Mr. Muglia assured me that this is all even more secure than the current approach.

“Users get happy because they have great experience, and I.T. managers get happy because their servers are more secure,” he said. “It is the only time I can remember in security where users get happy, because usually users get unhappy with secure things.”