In this month’s Introduction, three workflow sets were introduced: Provisioning and deprovisioning (which I abbreviate as de/provisioning) Non-employee management User or access recertification This segment explores the first of these, de/provisioning) De/provisioning is the most common of IAM workflows. Done right, this workflow delivers tremendous ROI, improved audit results and improved customer satisfaction by significantly [...]
Identity Management Series – Workflows Part 2: Provisioning and Deprovisioning
September 23, 2010 By
Identity Management Series – Role and Rule Basing Part 5: Implementation and Cleanup
July 1, 2010 By
The final step in this month’s activity is to implement the roles and clean up any extraneous access that’s left behind. As in the previous segment, the distinction between enterprise and IT roles doesn’t matter, so I will generalize. The reason for this is that what you implement depends on your strategy – as defined [...]
Identity Management Series – Role- and Rule-Basing Part 4: Documentation and Approval
June 28, 2010 By
Once all of the roles are defined, it’s time to document them and obtain approval for their use. We’re now past the point where the distinction between enterprise and IT roles matters, so in this segment I go back to the generic term, “role.†Documentation and approval Once testing is complete, the final roles should [...]
Identity Management Series – Role- and Rule-Basing Part 3: Designing and Testing IT Roles
June 25, 2010 By
Now that enterprise roles have been identified and prioritized, it’s time to tackle IT roles, and figuring out IT roles is where the rubber meets the road. Chances are, neither the department heads nor the HR team can help on this one. It’s up to the identity management team and business “power users†to determine [...]
Identity Management Series – Role- and Rule-Basing Part 2: Identifying & Prioritizing Enterprise Roles
June 22, 2010 By
The first step in role- and rule-basing is identifying and prioritizing the enterprise roles. This sets the direction for the entire effort, which – make no mistake – will be time consuming. Doing some thoughtful planning up-front is therefore imperative to ensuring that you don’t start out off-track. Identifying the roles in the organization is [...]
Identity Management Series – Role- and Rule-Basing Part 1: Introduction
June 18, 2010 By
At this point in the identity management process it is time to consider what access the company’s job functions should have to begin creating roles and rules. This is the first step in automating provisioning and de-provisioning. Even without automation, creating and managing the roles and rules will make manual provisioning (and auditing!) quite a [...]
Data Cleanup Part 2: Other UserIDs
March 30, 2010 By
By: Ioana Bazavan Justus Did last month’s exercise of mapping primary userIDs kill you? Is it still killing you? Unless a number of full-time resources were allocated on a project basis, the cleanup for a large organization can easily take months to complete so if you’re still working on it, don’t worry – you’re not [...]
Prioritizing Systems Integrations
January 20, 2010 By
Avoiding the biggest mistake The biggest mistake that identity management implementers make is biting off way more than they can chew – we all have grandiose ideas of integrating all of the company’s systems and fully automating them, too! It never sounds that hard when the team is sitting around the conference room table, excitedly [...]
The First Brick: Understanding Identity Management
December 9, 2009 By
What is Identity Management? Identity Management (IDM), or Identity and Access Management (IAM), is a suite of products that work together (more or less cohesively) to manage users and their access/passwords across the enterprise. Most identity management product suites consist of three or sometimes four parts: -Â Â Â Â Â Â Â Role manager -Â Â Â Â Â Â Â Identity manager -Â Â Â Â Â Â Â Access manager [...]
Engage with Michael Santarcangelo