10 Tips to Avoid an Identity Management Disaster


By: Hanno Ekdahl  |  Idenhaus Consulting


Photo credit: Rudy Juanito

More than half of all IDM projects fail the first time, yet all too often companies quickly select a technology and begin implementation. A newly inked contract may help ease the immediate pressure to get something done, but a failed project doesn’t make good financial sense and could mean you’ll have to make some undesirable career adjustments down the road.

10 ways to lessen the risk when implementing an Identity Management Program:

1) Define a Reasonable Scope – IAM projects with a broad scope of integrations almost always fail. A better approach is to define your IAM program around a narrow focus: building a solid Identity foundation. This will include standing up a central directory, a connector to your HR system, and 1-3 connectors to Service Directories (such as Active Directory) and a key application or two.

2) Build a Bridge to your Data Owners – Whoever owns the users’ data has the key ingredient to any working IAM solution. Establish a partnership early to pave the way for a good working relationship.

3) Evaluate Data Quality – Check your assumptions at the door. Identity Management is a lot like the Old Testament, lots of rules and no mercy. If your data quality is poor, you just get bad results, faster!

4) Map Your Processes – After you’ve documented your existing operational processes, you need to verify that the processes do what you need them to do.

5) Secure Executive Sponsorship – There will be turf wars, scope creep, and key decisions that need to be made along the way. Without a leader to break the ice when things freeze, you may not be able to overcome organizational barriers.

6) Hire Experienced Technologists – Whether you are using internal resources, consultants, or a combination of both, experience is everything.

7) Set up a Proper Test Environment – Make sure your test servers are configured exactly like your production machines—with the same hardware and the same workload—so that the test machines can accurately predict the capabilities of the production machines under real-time operating conditions. When you run test data through your IAM system it will be an accurate predictor of how long the operations will take in your production environment.

8) Learn from Concurrent Engineering – This isn’t just an IT project, it touches Recruiting, HR, Payroll, Security, and Operations. Include key stakeholders from each area to avoid missing a major IAM requirement.

9) Create Project Documents – Requirements, Design, your team’s decisions, issues, risks, constraints. Organizational memory is short and documentation provides a point of reference on what was decided.

10) Data Seeding – If you are implementing IAM for the first time and already have a central directory, you’ll need to make sure that the HR data matches your IT data for each user. Lots of due diligence here will save you from an IAM disaster!
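The per-user comparison of HR data against IT data described in tip 10 can be scripted before any seeding is done. The sketch below is an added example, not part of the original post: the CSV column names, the sample rows, and the `reconcile` function are constructed assumptions standing in for your own HR and directory exports.

```python
import csv
import io
from collections import Counter

# Constructed sample exports; column names are assumptions, not from the post.
HR_CSV = """employee_id,first_name,last_name,email,status
1001,Ana,Lopez,ana.lopez@example.com,active
1002,Ben,Wright,ben.wright@example.com,active
1003,Cara,Ng,cara.ng@example.com,terminated
1004,Dev,Patel,dev.patel@example.com,active
"""
DIR_CSV = """employee_id,given_name,surname,mail,enabled
1001,Ana,Lopez,ana.lopez@example.com,true
1002,Benjamin,Wright,BEN.WRIGHT@example.com,true
1003,Cara,Ng,cara.ng@example.com,true
1003,Cara,Ng,cng-admin@example.com,true
2001,Eli,Stone,eli.stone@example.com,true
,svc,backup,svc-backup@example.com,true
"""

def norm(value):
    # Compare case- and whitespace-insensitively so cosmetic drift is not flagged.
    return (value or "").strip().casefold()

def reconcile(hr_text, dir_text):
    hr = {r["employee_id"].strip(): r for r in csv.DictReader(io.StringIO(hr_text))}
    accounts = list(csv.DictReader(io.StringIO(dir_text)))
    ids = Counter(a["employee_id"].strip() for a in accounts)
    report = {"unlinked": [], "orphan": [], "mismatch": [], "enabled_but_terminated": []}
    # One HR identity mapped to several accounts needs an owner decision before seeding.
    report["duplicate_id"] = sorted(i for i, n in ids.items() if i and n > 1)
    # Active employees with no directory account at all.
    report["missing_account"] = sorted(
        i for i, r in hr.items() if norm(r["status"]) == "active" and i not in ids)
    for a in accounts:
        emp_id = a["employee_id"].strip()
        if not emp_id:                      # no join key: service or legacy account
            report["unlinked"].append(a["mail"])
            continue
        person = hr.get(emp_id)
        if person is None:                  # join key unknown to HR
            report["orphan"].append(a["mail"])
            continue
        if norm(a["enabled"]) == "true" and norm(person["status"]) != "active":
            report["enabled_but_terminated"].append(a["mail"])
        for hr_col, dir_col in (("first_name", "given_name"),
                                ("last_name", "surname"), ("email", "mail")):
            if norm(person[hr_col]) != norm(a[dir_col]):
                report["mismatch"].append((emp_id, hr_col, person[hr_col], a[dir_col]))
    return report
```

Each report bucket maps to a cleanup decision to make with the data owners before the first synchronization: which system is authoritative for a mismatched attribute, and who owns each unlinked or orphan account.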


Hanno Ekdahl is the Founder of Idenhaus Consulting, a Cybersecurity & Identity Management firm that helps companies solve the most challenging IAM problems and avoid the most common security pitfalls.

This post originally appeared on the Idenhaus Blog.
