Identity Management Success

Identity Management Systems offer tremendous benefits and ROI potential to organizations of all types and sizes. However, the complexity of a typical deployment brings a tendency to continually redesign the Identity infrastructure. Continual redesign can introduce even more complexity, additional dollars, continual requoting, time and budget overruns, missed opportunities, and stakeholder frustration — which increases resistance to your deployment.

A few simple rules can help to minimize the redesign spiral:

• Start with small, clear, attainable objectives
• Factor user experience, training, and administration requirements early
• Get infrastructure people to the table early.
• Build software infrastructure from the inside out, then embrace and extend to legacy and “black box” applications
• Design for function first, and cost last. If cost is your overriding project concern, reconsider the entire Identity project.
• Design Identity as a set of services.
• Examine ways current operating systems and network infrastructure can be used
• Attain quotes for only what you need, and ensure the budget has at least a 15% growth contingency. You will never factor Identity deployment costs to the penny in a large organization. Index future costs directly to planned organizational growth, and other factors such as Federation (partner integration,) facility expansion and contraction, capacity planning, record retention, etc.
• Seek input from everyone, but do not expect consensus, or wait for it to achieve design approval. If the key people agree on the principle, and your internal and external Subject Matter Experts sanction the design, then move forward with a pilot.
• Set reasonable expectations with stakeholders, business users, and application owners. Understand and document how the deployment will affect each group, and answer objections early and before committing to a final Identity Management System design. In some organizations, it takes only one powerful business user to derail the entire project
• Carry each design iteration to its full completion, before scrapping it and starting over.
• Apply rigorous change control to your system design. Avoid ad hoc diagrams that are passed around and changed frequently. Remember that even small changes such as the placement of a cable, or addition of a server somewhere can completely alter the entire system deployment.
• And perhaps above all - expect the unexpected. Plan for contingencies, and custom applications that may require special solutions or retrofitting to integrate within your Identity System.

While not an exhaustive list, following the rules above can help keep your Identity Management System project running smoothly.