From identity provisioning to government initiatives, a look at the security landscape FINANCIAL, TECHNOLOGICAL, AND personnel resources are increasingly being scrutinized and called into question in today’s economic climate. Contractors and customers often require access to network files and services to do their jobs and use your services. Yet security requirements are tougher than ever, so how do you balance all of these elements fraught with risk? By turning to identity provisioning and managing network access, rights, and rules. In a special report, Staff Writer Brian Fonseca tackles the thorny issue of monitoring and assigning user network rights (see ” All eyes on IM management “). However restrictive these network practices may seem, IT departments are seeing positive results in ROI, efficiency, and single sign-on convenience. Users are finding that the scalability and flexibility of current solutions are saving money while — most importantly — boosting security. Contributing Editor David L. Margulius chimes in on the identity management and provisioning argument with some serious questions about technology challenges (see ” Who, what, where “). Legacy user-information repositories are often inaccessible without custom solutions to extract the data. And most data is not stored in directories, which makes integrating it with LDAP-type directories difficult. In addition, there are numerous issues with workflow integration and metadirectories — to say nothing of those hackers eyeing a central repository for all user information. Courion CEO Christopher Zannetos addresses provisioning issues in an online live forum event on Wednesday, Oct. 9, at 9 a.m. PDT at /forums . Network security, privacy, and user rights are up for debate in Technology Director Tom Yager’s Enterprise Strategies column (see ” Privacy and risk “). With companies being held accountable for actions that take place on their networks, IT organizations must take control of their networks. InfoWorld CTO Chad Dickerson tackles the issue of securing an even bigger network: the homeland (see ” Securing the homeland “). With the release of The National Strategy to Secure Cyberspace, the President’s Critical Infrastructure Protection Board is taking a stand on network security and management. Dickerson suggests not only reading the report but also responding to the government’s views. Additional feedback on security initiatives can be found in the CTO Pulse section (see ” Sharing security secrets “). The second in a four-part series of questions from an InfoWorld CTO Network survey focuses on the appropriateness of government involvement in information collection. P.J. Connolly rounds out the issue’s security-related content by coming clean about his criminal background (see ” Criminal confession “). He asks an interesting ethical question about distinguishing legitimate research from criminal behavior. For security research and content ranging from reviews to news and features, please see our Security Subject Index at InfoWorld.com. We are in the process of updating our Subject Indexes, so any feedback would be much appreciated. Security