IN THE BOARDROOM™ with...
Mr. James Heaton
Global Director of Identity Management
General Motors
www.GM.com
Nasdaq:GM
SecuritySolutionsWatch.com:
Thank you for joining us today, Jim. Please give us an overview of your
background and a brief history of GM’s Identity Management Group.
Jim Heaton: After working my way up to being the first CIO for
an international automotive parts supplier, I joined Oracle and then IBM,
helping both launch their global automotive vertical consulting practices.
From there I came to GM as the Director of Systems Integration for Manufacturing.
Coming to GM was the realization of a dream for me as a hard core car
guy. I have a passion for our products, and we have a lot of them to be
proud of these days.
My current assignment is as GM’s first Global Director of Identity
Management. Before I began this task, GM had some great people doing directory
work around the world, but no single sanctioned Identity Management strategy
with a team to span the company.
SecuritySolutionsWatch.com: Please give us an overview of GM ID solutions.
Jim Heaton: As a company that does business in over 200 countries around
the world, GM has a large diversity of ID solutions that were built up
over time. A major breakthrough for us was senior leadership approving
a global strategy for unified identities within GM. We’ve been driving
hard down that path, and more recently in linking all the good Single
Sign On (SSO) work done in our different process areas into a more unified
SSO experience for our users.
SecuritySolutionsWatch.com: What is your perspective on the market drivers
for secure ID and authentication at this time.
Jim Heaton: Beyond the obvious regulatory compliance requirements, we
see the push toward SSO driving easy-to-use but more secure credentials.
At first glance experts often think these are diametrically opposed objectives,
but large numbers of complex single factor credentials (think ID/password
combinations) drive emergent behavior in users that can be far less secure
than a solid, unified 2 or 3 factor solution.
SecuritySolutionsWatch.com: Are there one or two recent projects
or success stories you’d like to talk about?
Jim Heaton: Getting agreement on a unified logon ID, as well
as global common unique key for people using our systems was a major success.
We are a long way toward rolling out those identifiers to hundreds of
thousands people using GM systems, and we have hundreds of applications
already adopting that common login. A major challenge though is to convince
COTS vendors that the login identifier should not be the public ID for
each user – it’s a factor of authentication, not a collaboration
ID. Almost all of them use some kind of internal index to uniquely assign
to identity records, but it can take some convincing to get them to open
that up so we can have a common identity index across our systems. That
index is a natural replacement for government identifiers in many situations.
SecuritySolutionsWatch.com: How do you see the transition from Government
to commercial usage of biometrics for secure ID coming along?
Jim Heaton: Clearly we are in a phase where the commercial sector is
looking for ways to adopt secure ID technologies. Government adoption
has allowed these solutions to incubate and mature. Companies like GM
are interested in these technologies now more seriously than when they
were an order of magnitude more expensive.
SecuritySolutionsWatch.com: What resources such as White Papers and
Case Studies are available for end-users on www.GM.com?
Jim Heaton: Our focus at GM is on great cars and trucks, so the
work we do in IT is always focused on enabling that. I will point to some
of our vehicles and their interesting use of identity technologies as
our inspiration. www.GM.com has information
on some of these features. For passenger vehicles a great feature we have
offered in many models for some time is driver customization and personalization.
The vehicle stores your preferences for seat, mirror and pedal position,
radio presets (including equalizer settings by station), volume when you
were last in the vehicle, GPS favorite destinations, climate control settings,
your name or greeting to display and many more settings. These are mapped
to the wireless key fob and/or key used by the driver. In my last Cadillac
STS, the vehicle would actually set these before I got into the vehicle
without me touching a button (wirelessly from the fob), and would lock
the door as I walked away. This combination of user friendliness and improved
security is what we are after in IT when we are implementing new projects.
Picture something as simple as remote start – what if my PC could
start the login process for me as I was approaching (while still keeping
the console locked), and be ready to go when I sat down?
SecuritySolutionsWatch.com: We understand that you will be speaking
at the I-Pira
Biometrics Series.
May we have an overview of the key subjects you’ll be addressing?
Jim Heaton: I’ll be talking about possible uses of fingerprint
technologies that GM is interested in. We have some use cases that we
think are generally applicable in the market.
|