Identity Management Objectives
Yesterday,
I listed several problems stated by customers in recent RFP’s. Here is a list
of objectives the same customers hoped to achieve by implementing an Identity
Management System:
Improve Administration
- Improve administrative overhead – Centralized account creation, suspension,
and deletion across systems and applications - Create a centralized view to use as a window into the digital identities
that exist on the targeted systems. - The proposed solution should allow out-of-the-box user administration capabilities
on a number of common platforms and applications. - Central, multi-system administration.
- Self managed password administration.
- Provide self service capabilities, e.g., resetting passwords
Improve Security
- Create a centralized store for provisioning processes and policies that
govern how to conduct business securely - Provide application developers with a seamless security infrastructure
where security no longer needs to be coded per application - Minimize risk
- Privacy and security compliance via role-based security for users access
to electronic information. - Support role-based security for our clients’ access to electronic
information.
Reduce Complexity
- Improve information quality – Synchronization of identity information in
various repositories/ directories - Reduce the number of log-on credentials
- Synchronization of IDs and passwords across platforms and applications
- Simplify the ‘user provisioning’ and setup for user ids for
various internal applications. - Provide simple and non-technical means for managing user request options
- Provides unified login for customers and employees
Increase efficiency
- Improve Access
- Improve Service
- Reduce Cost
- Provide the ability to be self-sufficient in administering and extending
the system. - Correlate and clean the identity information of the targeted systems.
- Report on variances between the correlated and cleaned identities and new
identities that are added to the system. - Reduction of internal user account provisioning from forty-eight hours to
minutes after approvals. - Reduction of external client account provisioning from forty-eight hours
to minutes after approvals. - Rapid, reliable account termination.
- Streamlined approvals for systems access.
- Automatic provisioning for approved requests.
Improve Compliance
- Improve regulatory access/audit – Comprehensive logging and auditing of
users’ access rights and approvers - Provide compliance with government regulations through automation of provisioning,
de-provisioning and reporting on current state of authorized user credentials. - Provide audit trails for user requests
Leverage Standards
- Provide the foundation for developing a shared permission/identity infrastructure
service – Standards-based scalability - The architecture of the provisioning solution should be robust, secure and
based on best industry standards.
Position for the Future
- Provide a foundation for extending Identity Management functionality
- Scalability for future growth
Enable Integration
- It should be customizable to support products from other vendors and applications
that have been developed specifically for the current environment. - Integrate with outside systems for event triggering, auditing and reporting.
Monday I’ll list the expected benefits. Stay tuned.