There's always too much to do. If you had an infinite budget and project schedule, or at least more resources than you have now, you could accomplish impressive things for your company. Performing triage means you need to pick IT projects that can deliver the most bang for the buck. Accordingly, we discuss five projects that deserve a CIO's immediate attention. We chose these projects because they have a measurable impact, contain elements with a relatively fast ROI, and enhance both network security and manageability.

To start with, we discuss identity and access management, to ensure that the right people can get to the right resources. Next is Linux integration. Linux is here to stay, and it's time that you integrate it into your infrastructure. We follow with discussions on patch and change management, both integral pieces in terms of reliability and security for your network. Finally, we talk about incident management, a hot topic for any organization wishing to control costs and keep users content, whether they're behind a desktop or are business partners.

Manage Identities

Account management has been IT's forgotten stepchild, but today's network complexity highlights its importance. IT managers are now faced with an incredibly varied mix of directory services, platforms and applications. Ensuring that accounts are properly provisioned and, when needed, terminated, has become an onerous task.

For example, a small network can have several Windows servers running in Active Directory (AD), several Linux servers using local accounts, and one or two network applications that maintain accounts in an Oracle database. In even this small setting, managing accounts, password resets and access rights is a significant task in itself. Now imagine an enterprise environment, particularly one with legacy applications and Big Iron. Ensuring that users have accounts and the required access in this environment can be both a security and a support nightmare—that is, unless there is a well-defined solution for managing those accounts and access rights.

The Solution

Commit to an identity and access management (IAM) process, which manages account provisioning, password resets, and access rights for accounts on the network and within applications.

Where to Start

There are several approaches to implementing IAM. Some focus on using enterprise directories to house accounts and access rights, but, frankly, this is a very limited approach that does not reach far enough into the enterprise, particularly in terms of legacy applications. Even Microsoft, which touts AD as an identity solution, understands the limitations of an enterprise directory; the company released Microsoft Identity Integration Service (MIIS) to support the broader IAM needs of the enterprise. Keep in mind, however, that an enterprise directory is still a critical element of IAM.

That said, begin by implementing an IAM product, such as those offered by CA, IBM, Novell, Microsoft or Sun, and use it first to manage your enterprise directory. This will give you a very quick win, and it will also give you time to learn both the complexities of the IAM product as well as the overall IAM process. Next, build and implement connectors to specific platforms and applications within your network. Fortunately, many IAM products come with built-in connectors for enterprise applications (for example, PeopleSoft, Exchange), which allow you to progress from simpler to more complex implementations over time.