Identity Management Tips, Thoughts and Opinions

Matthew Pollicove

Subscribe to Matthew Pollicove : eMailAlertsEmail Alerts
Get Matthew Pollicove via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn

Related Topics: Enterprise IT: Moving CapEx to OpEx , ERP Journal on Ulitzer, Government News

Blog Feed Post

How to Pick an IDM / IAM solution

One of the things that I am asked about most often is not about the implementation of an Identity Management product, but rather how to choose a solution in the first place. While my biases are well known, I do have a general framework to help organizations figure out what direction and products they should be considering in pursuit of a solution, since we know that choosing an Identity Management solution is not always so straight forward.
Before there can be a discussion of product selection, there must be a discussion of the identity related processes that exist within the organization. This needs to come from a businessand processperspective. To do this you will need to work with the many parts of your enterprise IT organization to identify and break down the steps in the processes that will be involved in your eventual Identity Management solution.
From here you can begin to identify what technology components are related to these processes, GRC, SSO, User Provisioning, Virtual Directories, etc.
Note that I've suggested that the process must be defined before technology is chosen. Actually we haven't selected any specific technology brand or methodology, just identified what types we will need.
Once the processes are defined and they have been matched to types of technology the process of specific technology selection can begin.
Before we get into a discussion of how to choose the technology, let's talk for a moment which it needs to happen in this order.
Process is the human part of equation. It's the hardest to define as it can have so many variables. Not just on the part of the unique individuals in an enterprise organization, but of the organizations themselves. There are so many different combinations of business philosophies, government regulation and best practices that there are multiple ways of providing Identity Management services. So accurately mapping these out is a critical part of any IdM success.
Once this is done, it is a fairly straightforward exercise to identify what types of technology are required. In order to choose the proper technology it is important to consider the context that the enterprise works in. How is it organized?
  • By database platform?
  • By the ERP system
  • By an enterprise directory?
  • Some other criteria?
If the needs of the enterprise are applied to this list it begins to become clear what your direction should be. Of course, this is a pretty stripped down version of what needs to be done in the interest of space. The actual process will go into greater depth as criteria are weighted based on the needs of the organization and process requirements that we developed earlier in the planning process. From this point it is time to hand things over to project management and the implementation team. Good Luck!

Read the original blog entry...

More Stories By Matthew Pollicove

Matt Pollicove is an Identity Management architect, engineer, trainer, project manager, author and blogger with experience in user account provisioning, data synchronization, virtual directory and password management solutions. As a MaXware Technical Consultant and later as a System Engineer, he worked extensively with MaXware (now SAP) software products in large customer environments. In the past Matt has worked with several leading national and international consulting firms and is currently a Sr. Principal Consultant for Commercium Technologies. He is currently the Practice Lead for SAP NetWeaver Identity Management and SailPoint IIQ.