Identity Management Frankenstein & How to Kill the Monster
“Dr. Frankenstein could have been an Identity Management software vendor.”
Like other security software vendors in the Identity and Access Management (IAM) market, Dr. "F." stitched together the parts that made the monster complete. CIO's know well enough that an identity management IT project can be a Frankenstein monster as well, Just add all the right parts like; provisioning \ deprovisioning, Single Sign On, Access Management, Access Governance, Compliance and Reporting, and stitch them all together, add electricity to the servers, and you have a living, breathing Identity Management IT Project... monster.
"A Frankenstein esque IT project can be a very powerful creature".
The major difference is, the Frankenstein monster could be a powerful protector or kill its maker, the living IAM project can be a powerful protector and kill careers. Remember, Dr. Frankenstein wasn't all bad, he was simply misunderstood, right.
With good intentions CIO's deploy these projects in strategic ways the make perfect sense at the time until the angry mob charges the castle with torches and pitchforks looking to "Kill IT" (excuse the pun) because the IT project never seems to end.
This is what we call the "Living IT Project", or "Living IDM Project"
A living project is one that never seems to come to completion over a long period of time. There is a general perception among many business leaders that an IT project like ID Management is a "living monster", and the model of IT project failure. Here are the top 3 reasons they might get this perception, even if it is a fallacy?
-
The Identity Management Consultant has been at the company longer than the IT staff.
-
An IDM connector has been in development for five years.
-
The company hired junior level Identity Management Analyst whose role is to support the outside IAM Consultant.
You can't really blame the CEO or CFO for being critical of these living IAM projects. The Executive Management point of view is, with little exception one of the following.
-
Increase sales
-
Decrease costs
-
Minimize risk.
If you are not proving at least one of those points in any IT project, after a reasonable time frame, the IT project will most surely be put on the IT project "Kill List".
Why do Identity Management Projects fail?
The fact is, most IAM projects don't deserve the "IT project failure" stamp, and they are a victim of perception, here’s why.
Perception:
Most large Identity and Access Management software suites are complicated and require configuration that will take a “project cycle”, which in some cases may be longer than a “budget cycle” leading some executives to perceive that they haven’t started to reap the benefits of last years money.
Reality:
“Business process evolution”, otherwise known as “business progress” or “continuous process improvement” creates a moving target for certain business systems. In many cases, an IAM connector is not in production for five years, it is re-done several times to accommodate the business process changes.
How to kill the living project monster?
Go back to the basics
IAM has a simple role of managing who has access to what resource. Is there a need for added complexity? Big bang IAM packages are built for consultants, not businesses. How many times are your W2 admins actually touching the expensive features in your package?
Use methods that are cheaper easier and get the job done.
Products like GreyTower are streamlined to make IAM easier and focus on end result vs easier management of complexities typically done by consultants anyway.
Take a modular approach to get "wins"
The important thing for IT project champions to realize is that the CXO simply needs “wins”. Contrary to popular belief, budgets are objective. They are tools for the top brass to give managers to let them run their operations without having to ask for permission on every expendenture. If you are not showing wins, you are simply not showing good judgment with the budgets you are getting, and that money will go to an unbudgeted objective in another area, for another pet project that is showing progress. “If there is truly value in any given IT project that bears fruit, (one of the key business objectives listed above), there will always be money for the IT project.”
By taking the simple measures above, you take the Identity Management IT Project and effectively Kill it. It then becomes a workhorse you can plan for and see success at every level.
Of course there is plenty more on this topic... Come back from time to time to see.
