BYOI (Bring Your Own Identity): The culinary adventures of Madame “Mobilitè” - How to make a perfect omelette


BYOI is a series I’ve decided to create to “talk” about #identitymanagement, so it is about #security, #governance, #management and many other aspects of the #IAM realm.

The difficulty with all written recipes for omelets is that before you even start to make one you must read, remember, and visualize the directions from beginning to end, and practice the movements.

Julia Child


  • 3 large eggs
  • 2 teaspoons whole milk
  • 1/4 teaspoon kosher salt
  • 1/8 teaspoon freshly ground black pepper
  • 1 tablespoon unsalted butter
  • 1 teaspoon finely chopped fresh herbs, such as parsley, chervil, or chives, plus more to garnish

An omelet should be a pale yellow, fluffy, delicate bundle—not the dry and chewy, massively stuffed piles you’ll find at the diner. Omelets are not difficult to make: All you need is the right pan, enough butter, and some wrist dexterity. Fill this basic omelet with just about anything, and serve it for a satisfying breakfast or lunch with a salad. – Recipe for a Basic Omelette

In theory, making an omelet should be simple for a skilled cook: mix the eggs with the milk and the other minor ingredients. The result is guaranteed and will satisfy critical palates as well as more accommodating ones, and it gives the cook the equal pleasure of knowing that he or she got the expected result. Sometimes, for whatever reason, an inexperienced cook will try to add more ingredients to this simple recipe and end up with a different result, which can be summarized in the image below:

Image: “ Stephen Wildish” –

It’s quite obvious that the golden rule of “less is better” applies to this recipe. Indeed, adding some flour will add an extra taste to the eggs but will result in a pancake, while a lack of eggs will give us a lovely pasta that is totally unusable as an omelette.

It’s a matter of balance: too many ingredients or too few will lead the inexperienced cook to a result different from the one expected.

On #IDAM, #MIM and the “secret ingredient”

Let us assume that our ecosystem is nothing more than the critical palate we have to satisfy. Obviously, we first have to understand what our guest desires. Whether it is only the omelette, or the pasta, or (for example) the batter to fry some vegetables cannot be a choice made only by us.

Many actors exist in the ecosystem:

  • The cooks: those who set up the recipe, choose the ingredients and decide how to mix them to get the requested result.
  • The waiters: they are the front end of the restaurant ecosystem. They monitor the customers to understand whether the delivered food is at the expected level, they understand the business customer’s request, and they suggest options, side dishes and add-on beverages to make the customers’ experience pleasant.
  • The customers: those who choose from the menu, reading between its lines and building in their heads a list of expectations that ranges from the experience of the whole dinner to the choice of a single dish. Some of them will accept the waiter’s suggestions; others will simply request a specific mix of features, food and drink.

Some LOBs look at the cooks as a simple bunch of operators who put technology together and offer, more or less, a solution. The cooks, too often, look at the customers as if they were tasteless individuals unable to understand the complexity and beauty of the technological ecosystem. Look at the #BYOD wave or at the #dataclassification discussions (here) and you will immediately get the picture:

If we give too much freedom to a non-technological approach, the risk is getting into an endless loop of understanding the information, designing the right process to manage it, defining the boundaries of the process, etc.

If we give too much freedom to a technological approach, the risk is getting a working rule that does not satisfy our customers in terms of usability, scalability, etc.

And then there is the data and the many ways to access it.

In a recent conversation between me, Brian Katz (@bmkatz) and Paul Madsen (@paulmadsen) on #dataclassification and the ways to use #IDAM and/or #MIM to manage data, a simple question raised a bigger problem. The questions/statements were:

Employees identity (and keys) should drive a) what apps they can have b) what data they can access and c) protection of stored data – @paulmadsen

@paulmadsen true: a) & c) are easily done if b) is known, but if b) is not structured/known you have to use #IDAM (MIM). #new - @festaatdell (me)

@FestaAtDell but IDaM =\= MIM but rather a necessary component @bmkatz - @paulmadsen

@paulmadsen @FestaAtDell Agreed – although if you follow the example, all the elements are there for MIM – @bmkatz

@FestaAtDell what role does MIM play for browser apps? Are we done with them? - @paulmadsen

@FestaAtDell ‘answer’ is to redefine MIM so includes rules over a) release of data (whether to browser/app) & b) protection of stored data - @paulmadsen

So here’s my doubt: is it through a redefinition of a single ingredient that we will find the “answer”? Do we have to focus on the single ingredient, or do we have to better understand what the combination of more than one will give us as a result?

Let’s see my point of view on the omelet.


So the ingredients are:

Users: because they must be managed. CRUD activities are something you cannot avoid. It’s not a matter of what you use or what they need; it’s a matter of: YOU have to manage them somehow.

Devices: like the users, you have to manage them, and what is worse is that the world is now more complex. What is a device after all? A tablet? A phone? A browser app? A cloud service? The boundaries get thinner day after day.

Data: I already posted about data classification and will do so again. The point is that data is, again, something you have in your ecosystem and you have to manage it too, but there are many approaches and many ways to get it.


So let’s mix the ingredients a bit:

#IDAM: I placed IDAM between devices and users. My opinion is that it could stay in the middle of the Venn diagram, but it is also true that #IDAM itself cannot manage some specific kinds of combinations (like browser app data access cases).

So the recipe is simple, but what if you decide to add a little bit of #DATA to it?

Well, if the DATA is device agnostic you probably obtain some #IAG, but if you need to discriminate whether the #DATA must be accessed from one #DEVICE or another then… well… here’s the second recipe:

#MIM: I have some users who access their data from a mobile device or a cloud/app service... and somehow I have to manage them. My approach is DATA centric, but I am aware of the device; what I consider marginal is the user. This is not wrong or right, it is just a different way to look at things. Different ingredients, different results, or maybe the same results.


The point is: what do I have to use when I’m in a situation where I want to use all the ingredients at the same time?

My “answer” is… don’t try to mix the recipes. You don’t have to redefine the results, nor do you have to change the ingredients; you just have to use the right recipe with the right mix of ingredients. And please, listen to the customers: they know what they want, and some of them are really well schooled in food and wine… after all, even cooks must eat sometimes.

