Rapidly Deploying Identity Management for Regulatory Compliance from Fischer International

Dynamic schema recognition: Access to each target system's schema is required during IdM deployment.

However, delays are commonplace due to the time to physically track down the System Administrator to obtain the

schema, and to manually load it into the IdM solution. Make sure your solution can automatically capture or refresh

any schema from any connected system at the push of a button.

Featherweight connectors: While out-of-the-box connectors are an important element of a buying decision, analyst

now agree that the ability to quickly create/modify connectors is of greater importance. Make sure that the vendor's

connector design off-boards data mapping and transformation to the IdM server. Based on the number of

connectors, this feature can eliminate days or weeks from the deployment schedule.

Rapid policy management capability: User entitlements and Separation of Duties are often programmed directly

in workflows. This approach can add months to a deployment as the workflow programmers must mentally translate

business rules and logic into technical requirements, then enter that code into the workflow. Separating Policy

Management from workflows is essential for rapid deployment, as it vastly simplifies both activities, takes far less

time and effort, and even empowers business people to rapidly create their own policies.

Ease of change: Business workflow changes are common, but are time-consuming and costly when dealing with

programmed (scripted) workflows. A single modification can result in updating several areas of a program, which

then must be tested and validated. Programming-free workflows and policies provide the visibility needed to quickly

locate areas to update, and the simplicity of a point-and-click interface.

Compliance reports and audit tools: Review each vendor's compliance offering and determine how well its out-of-

the-box capabilities meet your current and projected needs. For example, can it instantly and automatically compare

the entitlements provisioned by the IdM solution against the actual entitlements currently on the target systems? Are

the supplied compliance dashboards and reports representative of your needs or will you need to create new

reports? Does it provide a flexible, dynamic method for enforcing Separation of Duties rules?

Job aids: Make sure the solution includes tools and shortcuts that speed and simplify routine tasks. For example:

Wizards and out-of-the-box workflows enable organizations to focus on their unique requirements.

Ensure that Roles are optional: Managing user entitlements via roles may be preferred by some organizations, but

Dynamic Groups and Policies may more easily and quickly model the organization's processes.

SUMMARY

Rapid deployment of IdM is a reality today, but it is uncommon as only one vendor has proven to have the advanced

Identity Management architecture needed to attain this goal. For example, a Fortune-500 organization has deployed

this advanced suite (Fischer Identity Suite) to address Sarbanes-Oxley requirements in less than 90 days using only

one internal resource, without additional services.

REFERENCES

Gartner, Witty, R. J. (2005). IAM Phasing and Futures, Gartner IT Security Summit. June 2005.

Rapidly Deploying Identity Management for Regulatory Compliance

Fischer International: Business Brief