How to Tackle Identity and Access Management
3] Plan on customization. To achieve the full benefits of ID- and access-management tools, Strout says, most IS shops will have to do some customization, especially if they want to enable automated provisioning and single sign-on to legacy systems, homegrown apps, software from small startup companies and other nonstandardized systems. “The security designs aren’t necessarily the same, so you just have to tackle each one as they are,” Strout says. In some cases, it may not be cost-effective to do automated provisioning to a nonstandardized system, especially if it has few users; it could make more sense simply to generate an automatic e-mail to an admin requesting systems access and have the admin manually fulfill the request.
4] Protect yourself against industry consolidation. While Strout was evaluating vendors for his identity-management initiative, the industry consolidated right before his eyes. Netegrity was bought late last year by Computer Associates. And earlier this year, after Strout had committed to buying an identity-management suite from Oblix, Oblix was bought by Oracle. “We’re predominantly a Microsoft shop,” Strout says, and he wonders if future iterations of the Oblix ID-management suite will remain Microsoft-friendly.
His strategy for dealing with the uncertainty: “Build processes in a standardized way.” That way, if he has to move to a new technology, he’ll minimize the amount of re-architecting that he needs to do.
$firstKeyword
Receive the latest security news as it breaks.
