In article one and two I made the case for identity-management (IdM) and how an IdM solution can address the everyday problems experienced in organisations. In this article I’m bringing things back to reality and I’ll be highlighting the aspects that could cause your IdM project to overrun and underdeliver.

Firstly, technology is only 20% of the solution. IdM is an extremely process-driven solution and, as with any new system where you automate manual processes, you have to realise that those processes will change and that they have to be redefined with all the parties involved. Depending on the maturity of your business processes, this can be a lengthy part of the overall project.

Be aware of your internal skill set when attempting an IdM project. It is still the new technology on the block, and although there’s nothing resembling rocket science about it, you still need to understand the concepts of implementing an IdM solution and learn the technology you will choose to do so. Consider using external consultants who specialise in IdM with a proven track record to speed up things up and realise your ROI in a shorter time period.

Your chosen IdM solution might also force you to run specific software and hardware infrastructure in which you have no experience or available skills. This will obviously put extra strain on existing resources or you’ll have to appoint new staff to deal with it.

Be frugal when establishing your identity attributes. Don’t manage attributes that you might need one day, or because it’s easy for the IdM solution to do so. Depending on the maturity of your application architecture, you should try to avoid managing business and transactional attributes (account balances, policy status) in your solution, unless it has a direct impact on the security aspect of the identity. There are exceptions of course.

If you have a successful IdM implementation, the chances are extremely good that you will make certain people and positions redundant, as these positions were created to deal with the lack of a proper IdM solution in the first place. Identify these people and positions early in the project and provide them with the opportunity to improve their skills, and either make them a part of the IdM project or migrate them to another area of the organisation.

IdM projects take time. Two- to three-year implementations are not unheard of and the key to a successful implementation is proper planning. External consultants with experience can help to speed up things and mitigate many of the risks you will encounter sooner or later.

Identify the low-hanging fruit. IdM solutions tend to be costly and lengthy because of sheer scale and legacy complications, but by delivering quick and continuous returns to prove it as an asset will ensure that your project will survive the budget axe wielded on all financial black-hole projects.

I hope these three articles have provided some insight into what IdM is, what it can do for you and for which things you need to keep an eye out. Implementing an IdM project is extremely rewarding, but can become very sticky as well, so don’t go into it with your eyes closed.

Author

  • Alwyn Van Niekerk is a systems architect currently specialising in identity and access management, having written, designed, and architected many large-scale enterprise Java systems. He has a keen interest in Linux and OSS and the current next-generation game-console war, and frequently heads to the countryside with his wife on their motorcycles to forget completely about all of the above ...

READ NEXT

Alwyn Van Niekerk

Alwyn Van Niekerk is a systems architect currently specialising in identity and access management, having written, designed, and architected many large-scale enterprise Java systems. He has a keen interest...

Leave a comment