Aujas US

An IDG Ventures Company

Identity and Access Management – This must be your project, not your partners’!

Lessons Learned

Identity and Access RiskHaving been through numerous Identity and Access Management (IAM) implementations, we see two common denominators in terms of customer expectations that rear their ugly heads rather frequently:

  1. Let’s integrate everything that we have, and
  2. Let’s do it all at once

One can understand the excitement we all go through when we contemplate having a solution that allows us link so many applications, streamline processes with workflow automation and synchronize attributes across the board. While that excitement is infectious and contagious, the sound voice of reason must be heard and listened to.

It is natural for you to want to do as much as you can with a product, and it is human to want all of it done yesterday. Hence, the onus lies on the domain experts to work closely with customers (as partners, not vendors) and plan out a deployment that gives the customers the most results as soon as possible and additional benefits over subsequent phases.

The “good” partner helps the customer prioritize their needs and requirements, and establish plans to achieve those objectives over phases. Strong project management and planning are the keys to a successful IAM program. The products from various vendors are unlike those of 5 years ago, they are now mature, stable and scale exceptionally well, unless hacked to death to fulfil a few exotic requirements.

We cannot lose sight of the top benefits of having a robust IAM program toa company:

  1. IT systems and applications are constantly compliant with a variety of regulations, there are few gaps in access recertification
  2. Processes and access governance have been streamlined – business demands, business approves, and business gets – with minimal or no IT intervention
  3. Password reset is automated and secure, and helpdesk costs are under control
  4. Peace of mind

 

So next time you want to know whose side the “partner” is on, throw a plan too ambitious at them. While most will try to give you what you demand, you will know during the course of their approach whose interests they have in mind, yours or their own.  After all, it is your project and responsibility.

Advertisements

November 22, 2010 - Posted by | identity and access management, Identity Theft, IT security, Risk management | , , ,

No comments yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: