Identity Management Success

Great news! The blog is now “friendly link” enabled. We have finally removed all of the ugly links with question marks, and have made the blog easier to remember, index, read, and visit. Please update your bookmarks if using the old link structure.

Hello Everyone, and thank you for reading our blog.

I wanted to take this opportunity to say a little bit about this blog, why I write it, and cover a bit about about its purpose. The reason this blog exists is to cover the project side of Identity Management, explain the role of Identity and Access Management processes and technologies, and provide the benefit of practical experience and perspective to people and organizations that are either considering deployment of Identity Solutions, or are deeply entrenched in a deployment.

Audience: This blog is targeted squarely at managers, C-level executives, and Project Managers first and foremost.

Primary purpose: To provide practical advice on successfully analyzing, selecting, deploying, and maintaining Identity Access Management solutions. If you are interested in “getting IT done”, you are in the right place. Our related mission, and one that is just as important, is to make Identity Management accessible and understandable to the average business user. This is in area that in my humble opinion, many sites choose not to cover.

What this blog is not: A detailed technical discussion of adapters, connectors, XML, J2EE, .NET, BPEL, XACML, SPML, web servers, and all the associated technologies. There is a wealth of such information on the web, much of it written by those better than I, and it would be better to visit those sites directly, or set up a direct consultation with a member of our Identity Practice.

Why the blog was started: To bridge the gap between the plethora of Identity theorists who speak of “user-centric identity”, the Identity technicians, who focus on the deep inner workings of Identity Systems, and the rest of the business world who struggles to understand exactly what Identity and Access Management tools and systems can really do (and not do) for them. It is this latter audience to which our blog is targeted, though we hope that others will find it useful as well.

A bit about the author: My name is Corbin H. Links, and I am a the co-founder of Links Business Group, LLC. A more detailed bio may be found here. Going forward, I will be the primary author of all material published here, and am changing the format a bit. Instead of the more formal “business to business” style, my blog writings will become more personal, and oriented toward a conversational style. The current blog medium we have been using has been far too impersonal, formal, and limiting in how material is covered.

With that in mind, on with the new format. In the coming weeks, we will be having some candid discussions about all things Identity, and building some community discussion as well. Stay tuned for all the latest by clicking on our RSS subscription link the in the right-hand navigation bar. Additionally, if there are topics that you wish me to cover in an upcoming post, please mail your suggestions to info@linksbusinessgroup.com

Upcoming Features: Some of the upcoming topics include a practical discussion of SSO (what it is, and what it is not,) Provisioning, Access Control, Reporting, Auditing for Compliance, and Identity Management Systems as systems management tools.

Thank you again for reading! If you find the content useful, I would appreciate it if you would link to us, and subscribe using our RSS feed, or tagging us on Del.icio.us.

Best regards,

-Corbin H. Links
President, Links Business Group, LLC

So you have finally passed all of the internal gate reviews, justification meetings, ROI calculations, evaluations, Proof of Concept phases (POC), budget reviews, training, and socialization, project planning, etc. — now it is time to implement.

There are many factors to consider when planning your kickoff meeting. In our opinion, here are the Top 10:

1. Marshall your resources, and get them all in the same place.

Identity projects are a fluid, yet tightly integrated series of actions between vendors, partners, and internal subject matter experts. Get everyone together — preferably offsite when possible — and review all of the primary project documents, including:

• Communications Plan
• Project Plan
• Deployment Plan
• Support Plan
• Maintenance Plan
• Integration Plan
• “To Be” Workflows (Describe how things will now be done after IDMS implementation)

Yes - kickoff meetings, and one could argue the same holds true for all serious kickoff meetings - should be conducted offsite. It is imperative that meetings are distraction free, and tightly focused. All kickoff team members must walk out of this meeting on the same page.

2. Ensure all purchase orders (PO) are fulfilled down to the last part, license and bolt.

It is surprisingly common to miss something in fulfillment. A vendor may ship the wrong part in a long list of components, the wrong version of software may be licensed, or multiple items may ship at multiple times, from multiple locations.

3. Keep the Audience List Tight.

People in the organization will be tempted by curiosity, or “managerial suggestion” to attend the kickoff sessions. If this may be a political issue in your organization, consider conducting a separate breakout session with an open forum.

4. Review the project timetables and budget.

Timetables and priorities are constantly changing within all organizations. At the Kickoff Meeting, your Identity Project is not yet past the point of no return. Take the time, discuss all of the deliverables, and get buy off from your vendor and internal subject matter experts (SME) that deliverables, milestones, and corresponding task lists are achievable and accurate. Adjust as necessary until the plan is seen as rock solid.

5. Review the proposed architecture from end to end.

See point # 5 above and apply it here. Remember: no matter how much time you spent in design prior to the Kickoff Meeting, you have not yet built it. The Kickoff Meeting is the perfect time to review the architecture picture by picture, connection by connection. If it makes sense to modify something, then do it. Ensure that you are deploying the IDMS with the most up-to-date information available.

6. Break technical and project teams into breakout sessions.

Server people need sessions with network people, the software people need sessions with the operating system people, analysts need sessions with the software people, etc. Treat your Kickoff like a big 1 - 3 day seminar. Alternate between group/global meetings, and tightly focused meetings with specialists and technical staff.

7. Record the meetings.

Let us be honest - in frenzied discussions among large groups of people, accurate scribing is almost impossible. Not only that, whomever is doing the scribing is having to focus on the raw content than the greater meaning and contributing to the discussion. Record and review later. Do not be afraid to deliver more cutting edge methods such as Podcasts or streaming audio to get the minutes out.

8. Go straight from Kickoff to Physical Implementation.

Momentum is key, especially if it has taken a long time to get to the Kickoff. Keep momentum going while the information is fresh, and the team is strong.

9. Have presentations ready for each major session, and each breakout session.

Encourage active discussion, but not ad hoc. Each session should have a clear set of bullets to cover. Start each session with a short deck of 3 - 5 slides describing the purpose. Go back to the slide 10 minutes before session end and ensure that everything has been covered.

10. Have fun!

Identity Management Programs are can be big and challenging. Focus on the endgame, but have fun in the process. Maintain active discussion and communicate frequently. Schedule team lunches or dinners after key milestones.

As most of you may know, the exciting new site - Work.com - went live on Monday, October 9, 2006. We are pleased and honored to be listed as an informational resource in the “Access Control Systems” section. Please visit their site for the latest in premium information about business topics and issues.