There are many stories of Identity and Access Management (IAM) projects that do not attain the goals established by the institution’s targeted vision. In most instances it does not matter if the solution is “homegrown”, cloud based, or if it is contracted out to a professional services entity with a commercial off the shelf Identity Management (IdM) offering. Many times the result ends with:
- Expensive Project Overruns/Scope Creep
- High Cost of Ownership due to the need for “specialized homegrown programs” which require life cycle management including on going maintenance and release strategies.
- On going retooling of the configuration itself due to lack of proper upfront planning.
- Missed project goals due to poor communication between the implementation team and the constituents requiring the services of the IdM solution.
- Expensive Test/Repair due to the lack of defined use cases at the start of the project
As we continue to work collaboratively with higher education institutions, we continue to refine our products and services to mitigate these risks to assure successful implementations with them. The following are a few of our focus areas as we work closely with institutions in their use of our products to build out their IAM solution:
- Assess Your Desired State
o Select an IdM champion who can lead the charge for your team and to serve as the project manager.
o Take the time to gather the key constituents/stakeholders and listen to their needs as it relates to Identity Management. For example, Human Resources may have the responsibility for managing the authoritative sources of information, they may also have policies around the individual’s information that is managed by an Identity Management system, when they should attain access to certain assets that the institution provides, and of course when those assets should be removed. There may be other organizations that have a stake in these types of questions as well. Each of these stakeholders will have a vested interest in the success of the implementation.
While there are several key stakeholders within each institution, the following are a few examples:
- Human Resources
- Security Office
- Asset owners (Applications, email, etc)
- Authentication repository owners (LDAP, AD, etc)
- Database Administration
o Sort out these findings into a set of implementation phases that take into account the institutions priorities, including budgetary restrictions and skilled resources for implementation. Make it a building block that can be easily extended and managed.
o Build a requirement document that represents the high level view of the initial phase. Use this document as a collaborative tool with the stakeholders to assure you have captured their requirements in the initial phase.
- Basic Pre-requisites before starting
o Build out and document the detailed specifications for the project, which details the use cases, the authoritative source attributes mapped to targeted authentication targets, policies, password management, workflow processes, de-provisioning rules, etc. Make this as detailed as possible, since any change in this design specification can create changes in scope and/or potential over-runs.
o Establish the appropriate development and test systems and provide the entire implementation team access
The better you develop these plans before you start an IdM project, the better chance you have for a successful Identity and Access Management deployment. We continue to improve our processes with each of our engagements, whether the institution chooses to implement their solution themselves or if they choose to use our services for their entire implementation.
Of course, we believe that our product offering provides the necessary tools and infrastructure that allow our customers to enjoy the business continuity benefits of a commercial product solution. Thereby, allowing the institution’s IT organization to focus on their specific Identity Management needs as opposed to the cost of ownership of an internally developed and maintained implementation. This coupled with our experience in collaborative implementations has proven to be a good choice for our customers.
Bob Stephens, Director of Professional Services
Interested in learning more about TridentHE and our Open Source Identity Management Software?