The key to doing an identity management project is knowing which applications to start with and when to say stop. When installing the system, SPX Chief E-Business Officer and CIO Pete Sattler says you should probably fall back on the old 80/20 rule—that is, 80 percent of the benefits come from integrating 20 percent of the applications. For example, Sattler started with Lotus Notes and the company’s VPN, which were the two most popular applications. While Web-based applications are relatively easy to integrate, legacy applications usually require hand coding, which translates into time and money. For this reason Sattler advises not integrating legacy applications if they don’t have enough users to justify the expense. He says there are some legacy applications he never expects to connect.
Every executive and analyst interviewed for this article also advised starting your identity management project as soon as possible—even if it extends to only a few applications. You can always link new applications you bring into the company to the identity system down the road, says Earl Perkins, vice president of security and risk strategies for Meta Group. An average company may have more than 100 applications that it will ultimately need to integrate with the identity management system. Perkins says that there is no sense in waiting to do identity management until you have 200 such applications.
“If you are avoiding [the project], you are only going to make it worse,” Perkins says.