Identity management tips
Eight suggestions on how to implement identity management smoothly
- Don't let the identity management tool determine how you do things. "Any product that forces you to change your business processes is not one that you want to pick," says Gartner's Roberta
Witty. For example, don't pick a tool that requires a role-based infrastructure if you don't already have one.
- Get senior management buy-in. Even assuming you follow tip No. 1, these tools still cause business change, so you'll want the support of senior management.
- Consider unique infrastructure implementations you may have. For example, Syracuse University had to build extensions to the Business Layers product to deal with the way it implemented
load balancing on its Unix servers.
- Expect the implementation to take more time than you think, especially if you have to deal with issues such as data cleansing.
- Budget heavily for consulting. You'll likely need some help, especially for larger implementations, and help can run two to six times the software license
fees, says Witty.
- Get lots of people involved. During a weeklong meeting with the vendor consultant, Syracuse's Gary McGinnis says that about 20 people cycled through
the conference room, from database and system administrators to line of business representatives. By the end of the week,
the university had a list of high-level issues that needed to be addressed, representing a range of perspectives.
- Plan for identity management to be implemented companywide, even if it's launched with a project for limited end users, says Kirk Kness of T. Rowe Price. Go ahead and define a lofty
strategy, then chip away at it a bit at a time. T. Rowe Price started in 1998 with 5,000 users on its smallest site, for institutional
investors. In 2000, it had 30 applications tied in and now has 150.
- Define terms. Make sure everybody knows what you mean by terms like authentication, authorization and encryption, Kness says, to avoid
wasting time on misunderstandings.
Network World - Read more about security in Network World's Security section.