In Part 2 of our blog on Identity Management systems, we’ll discuss guidelines and best practices you can use when designing your implementation plan. Incorporating these ideas into your overall project can save you a lot of time and grief in the long run. If you haven’t already selected an Identity Management system or provider, it’s probably worthwhile taking a look at Part 1 of our blog, entitled “Where Do You Stand with Identity Management and Single Sign-on?”
1. Get a good inventory of your systems, services and users.
Before moving forward with implementation, it’s important to take stock of your systems, services and users. As you are creating the list, note how access to each system or service is provided (i.e., by individual, group, department, etc.). Taking the time to do this step now will help you determine which systems are the best candidates to include in a proof of concept and will help you avoid integration surprises down the road.
2. Insist on a proof-of-concept (POC).
Although the Identify Management solution you have chosen looks great on paper and showed well in the demo, insist on a proof-of-concept (POC) as a condition of acceptance. The time you’ve taken to gather your inventory of systems, services and users above (you did do that, right?) will give you a good idea of requirements that should be part of the POC.
3. Pick a “golden source” for user IDs and passwords.
Before heading into an implementation, pick the “golden source” where user IDs and passwords will be stored. Will this be Microsoft Active Directory (AD), a Light Weight Directory Access Protocol (LDAP) server or the internal database in the Identity Management system itself? Making this decision upfront will avoid a lot of heartache down the road and will give you some perspective on how many identity sources may need to be “merged” together.
4. Determine your provisioning and de-provisioning workflows.
You’ll need to consider how your provisioning and de-provisioning workflows should work. Let’s say you’ve chosen AD as your “golden source”. Are users provisioned in AD through a system in human resources when they join your organization or is it done some other way? How are they de-provisioned when they leave? Whether these tasks are done manually or through a “feeder” system, those requirements need to be taken into consideration.
5. Involve the stakeholders early and often.
It goes without saying (but we’ll say it anyway) that involving your stakeholders early and often in any project is a critical success factor. In addition to user groups, remember that executive management, IT security, audit, compliance, help desk, human resources and other areas may want a seat at the table as well.
6. Implementing Identity Management solution takes dedicated resources.
As you look to resource your project, keep in mind that it should be a full time job for the project manager and implementation expert at a minimum. If these critical resources are assigned on a part-time basis, it introduces the risk of having the project slip as they focus on other initiatives.
7. Don’t forget about training.
As you draft your implementation plan, don’t forget about training for the support desk, IT security and compliance and human resources as well the normal system user. Training for these other areas may need to be more detailed depending on the role each area plays in administering the system.
8. Develop an implementation plan that has a phased approach that is well tested.
As you develop your implementation project plan, try to design it in a way that can be delivered in smaller, discrete pieces (i.e., a department or system at a time). These types of project plans are easier to implement and show progress and benefit as the project moves forward. And as always, test each component well before taking it live.
9. When in doubt, ask for help.
If you would like some assistance with developing your Identity Management project plan or think you might want some help with implementation, please feel free to drop us a note at ITOptimize@systemsalliance.com to discuss it further.
Do you have any tips to add from your own experience? Let us know in the comment section below. Learn how SAI's IT Strategy and Operations practice helps clients build better, faster, more effective IT capabilities.