3 Reasons Identity Management is a “MUST”… and strategies to make it affordable
Let me be clear about what I’m saying. Identity Management for companies with employees that have access to critical data is a MUST, not a want. Over the years I have had the privilege to work with many companies large and small, who have different business needs. In many cases I hear all the reasons, (and sometimes excuses) for not implementing a solution, policy or methodology. Sometimes these reasons even make perfect sense! In making any business decision, the choice to do, or not do anything is weighed by what I call the “risk vs. reward scale”. Regarding Identity Management (IDM), if you have employees with access to critical business information, you MUST put at least basic IDM in place!
So what is Identity Management? Bill Brant, CEO of Directory Services, Inc. says “IDM is the technological automation and enforcement of business policies and processes to manage the lifecycle of electronic credentials, entitlements authorization and compliance mandates.” If you are in management like me, let me translate in English. IDM automates your logins so your company is secure, and you don’t lose millions of dollars, PLUS it increases productivity so you can make millions of dollars. The following are my top three reasons IDM is a must, not a want.
Reason One (1): Provision of new employee credentials
Companies that do not have Identity Management spend days to weeks to properly provision a new employee, and with a high probability of improper provisions. The popular method used to accomplish this task is a simple email request.
Typical email thread:
HR to IT Admin: “Jack is starting today with us, can you get him a login?”
IT Admin to HR: Sure what does he need?
HR to IT Admin: “He is working in Sales, ask his supervisor.”
IT Admin to Supervisor: “Jack is starting today, and I need to get him a login, what accesses does he need?”
Supervisor to IT Admin: “I don’t know, how about just copy the access rights from Jill, she’s been here a while, so whatever she has must be right?
Risk to the company: Jill was the Engineering Manager and Marketing Supervisor before becoming the top sales person in the company. Each new position gave her role specific rights that were never properly taken away as she changed roles. Now she is being used as the “template” for user rights to new hires. Jack the new hire, just gained access to engineering blueprints, and new “go to market” strategies. In addition, the back and forth emailing took two weeks because the supervisor was on vacation. Adding a face slap to a poke in the eye, Jack the “new hire” is still being paid even though he had no access to do his job. Sound familiar?
IDM to the rescue: A company with IDM could implement automated provisioning of credentials by role. A company would define the accesses any given role can have, and further, lock out accesses for roles they should not have i.e. the janitor does not need access to the accounting system. The IDM system’s automatic provisioning process tool performed this task in seconds, and Jack was properly provisioned before he sat at his new desk.
Reason Two (2): Deprovisioning of terminated employee credentials.
In a company without Identity Management the same situation occurs as in the scenario above, but with more immediate consequences. The popular method of conducting deprovisioning of credentials in a company without Identity management is by way of a simple email request.
Typical email thread:
Supervisor to HR: “Jack has been terminated immediately for bad attendance. Please put all the termination protocols in place. He has been removed from the facility, but he did not have his badge with him.”
HR to Supervisor: “Out of Office Reply” I’m sorry, but I’m out of the office the next two weeks on my honeymoon. I my absence please contact the supervisor”.
Supervisor to Manager: “I just fired Jack, and need the termination protocols, but HR is out of the office, what now”?
Manager to Supervisor: “Who is her Backup in HR?”
Supervisor to Manager: “I am, but I don’t know the protocol.”
Manager to HR: “when you get back from your honeymoon, please terminate the supervisor, he hired Jack who we think may have stole engineering plans and sold our marketing plan to the competition after he was terminated because he still had his accesses for the last two weeks! Of course we cannot prove it.” (side note to reader Yes IDM applies here too for compliance and auditing, but that is another article… Marc).
Manager to CEO: “I have no idea how our engineering blueprints and our marketing plan got into the hands of our competition?” It must have been Jill, she has rights to both of those areas. By the way, I’m hearing our client list is being aggressively called by our competition as well. It couldn’t have been Jack, he’s been fired for weeks now.”
Ok obviously I was on a little bit of a roll there with the Manager reply, but I think you get the picture.
IDM to the rescue: A company with IDM could implement automated deprovisioning of credentials by Identity. In this scenario, Jack could have been deprovisioned before he was even out the door. If he tried to access his client database from home, he would have been locked out.
Reason Three (3): Identity Synchronization and Password management
Did you ever think that 3M would produce the world’s largest and most used Identity Management and password vault tool! It is true! Its call the “Post-IT” note, and it can cost you millions.
Some people may get basic Directory Services and Identity Management confused. Directory Services are a key part of IDM because this is where the Identities are managed. For example, Active Directory, eDirectory, LDAP, are all network directory services. What about your applications that maintain their own “directory service database? This may be your custom built Inventory application, or ERP system for example. How do you get these systems to talk? If you do not have Identity management, you create separate login credentials for each sub system, and have your end users become the (Identity Management). This becomes the Identity Management by “Post-IT” note that was mentioned earlier.
IDM to the rescue: With IDM, companies can synchronize their user passwords between directories and application directory databases giving your end users a single password to manage for all systems. The next step would be to implement SSO, or single sign on, which automatically uses a single login event to sign into multiple databases eliminating the need to manually login to multiple systems many times. I stop short of saying SSO is a “MUST” for all businesses, but it sure is up on the list of “should haves”. I reserve the right to be on the fence on the “SSO vs. Identity sync only” discussion depending on the client needs.
Password management is bundled into this category, but I could add this to the list on its own. Some may argue that this is not IDM because it is a directory service component, but I believe it is a component of IDM, so take it for what it is worth. Password management in this scenario would be more than just enforcing strong password policies; it would include “self service password” assistance using challenge response questions and secure authentication methods like multi factor authentication and one time passwords.
Strategies that make it affordable:
There are many different products out there that can facilitate Identity Management and Access Controls. Some of the best are made by Novell, Sun, Oracle and IBM Recently, the Identity Management space has become somewhat commoditized in what I would call the “basic IDM” space. This would be the space I touched on today, with provisioning / deprovisioning, password management, and synchronization of identities. Some of this functionality is being built into the OS and Directory Services of some vendor products from Novell and Microsoft. Novell has Domain Services for Windows, eDirectory, and the IDM bundle edition that ships with Novell Open Enterprise Server 2 (OES2). Most major directory services vendors have free self service password management tools available for eDirectory, Active Directory, Sun Directory Server etc). New companies are building targeted IDM solutions based on open source like,GreyTower from Directory Services, Inc., and Sun. These solutions can be implemented without licensing costs, but also sell support and maintenance if you need it.
Take the first steps. Contact your trusted Identity Management advisor and discuss your options. Make sure they are not tied to any single vendor or you will get a single option presented that may not fit your business. Remember, IDM is a MUST!
3 Reasons Identity Management is a MUST and strategies to make it affordable - To learn more about this author, visit Marc Potter's Website.
Like this article? Share it with your friends
 | |
 |
No article feedback found. |
| |
Leave Your Feedback |
 | |
| |||
George LudwigGeorge Ludwig is a recognized authority on sales strategy and peak performance psychology. An international speaker, trainer, and corporate consultant, he helps clients like Johnson & Johnson, Abbott Laboratories, Northwestern Mutual, CIGNA, and numerous others improve sales force effectiveness and performance. Though it's George's strategies and processes that help corporations increase productivity and performance, it's his tremendous energy and dynamism that spark the transformation. Again and again, clients remark on his amazing ability to unleash human capacity and inspire men and women to break out of their comfort zones. The result is a whole new type of salesperson. His customized presentations teach achievers to make stunning advances in their lives. From helping salespeople realize cherished dreams to helping corporations exponentially accelerate revenue streams, George Ludwig leaves audiences and individuals empowered, emboldened, and clamoring for more. George is the best-selling author of Power Selling: Seven Strategies for Cracking the Sales Code and Wise Moves: 60 Quick Tips to Improve Your Position in Life & Business. - Visit George Ludwig's Website |
|||
David AchesonDavid Acheson is the founder of DCJA Consultancy. DCJA Consultancy is a management consultancy business specialising in B2B sales consultancy. They offer bespoke and packaged sales consultancy including Sales Optimisation Review, Interim Sales Management, Sales & Marketing Review, 1:1 Sales & Management Staff Analysis, Management Training, Solution Sales Training, Creation of New Pay Plan, KPI's, run Customer Feedback Campaigns, assist with Recruitment, Coaching, Appraisals and set up Strategic Marketing Campaigns. David spent his early career in accountancy and then moved into sales in 1982, working in Office Equipment, IT, Advertising, Training, Outsourcing and Consultancy. He has held many Senior Positions in SMBs and Global Organisations including Head of Sales Operations & Head of Business Development. His knowledge, skills and great experience of the Sales Industry has led to David making keynote speeches and running educational sessions to key businesses through organisations including The Chamber of Commerce and Business Link. - Visit David Acheson's Website |
|||
Dave KurlanDave Kurlan is the founder and CEO of Objective Management Group, Inc., the industry leader in sales assessments and sales force evaluations, and the CEO of David Kurlan & Associates, Inc., a consulting firm specializing in sales force development. Dave has been a top rated speaker at Inc. Magazine's Conference on Growing the Company, the Sales & Marketing Management Conference and the Gazelles Sales & Marketing Summit. He has been featured on radio and TV, including World Business Review with General Norman Schwarzkopf, in Inc. Magazine, Selling Power Magazine, Sales & Marketing Management Magazine and Incentive Magazine. He is the author of Mindless Selling and Baseline Selling – How to Become a Sales Superstar by Using What You Already Know about the Game of Baseball. He created and wrote STAR, a proprietary recruiting process for hiring great salespeople, and he writes Understanding the Sales Force, a popular business Blog and is a contributing author to The Death of 20th Century Selling and 101 Great Ways to Improve Your Life, Volume 2. - Visit Dave Kurlan's Website |
|||
Kim CastleWith nearly two decades in the advertising and design business, with clients like Domino's Pizza, General Motors, Direct TV, Pedigree, Wolfgang Puck, Higher Octave Music, Hollywood Celebrity Products, Disney, and Paramount, as well as thousands of entrepreneurs around the world define, structure, communicate, and position their business for greater profits, BrandU(R) co-creators Kim Castle and W. Vito Montone discovered that entrepreneurs could experience the same power that big brands command for a fraction of the cost with the world's only process-based results-drive Integral approach to business creation. BrandU(R) is helping entrepreneurs grow with the power of extreme clarity from idea...to brand...to market(TM) and helping one million entrepreneurs become successful and whole so that they can make a difference in the world. Are you one of them? If you want to experience clarity all the way to the bank(TM), get started now at http://www.brandu.com. - Visit Kim Castle's Website |
|||
Linda RichardsonLinda Richardson is the Founder and Executive Chairwoman of Richardson, a global sales training and performance improvement company. As a recognized leader in the industry, she has won the coveted Stevie Award for Lifetime Achievement in Sales Excellence and she was identified by Training Industry, Inc. as one of the “Top 20 Most Influential Training Professionals.” Ms. Richardson is credited with the movement to Consultative Selling and is the author of ten books on selling and sales management, including Sales Coaching — Making the Great Leap from Sales Manager to Sales Coach, and Stop Telling, Start Selling. She teaches sales and management at the Wharton Graduate School of the University of Pennsylvania and the Wharton Executive Development Center. Linda is a frequent speaker at industry and client conferences, has been published extensively in industry and training journals, and has been featured in numerous publications, including The Wall Street Journal, Forbes, Nation’s Business, Selling Power, Success, and The Conference Board Magazine. Learn more about Richardson's sales training and performance improvement solutions at http://www.richardson.com web - Visit Linda Richardson's Website |
|||
Stephanie RobeyStephanie Robey is President and CoFounder of Pivot Positive, LLC - an Internet marketing business focused on helping people start work at home ventures. Previously, she was employed at The Search Agency with over 20 years experience in graphic design and 10 years experience in online marketing. She was responsible for launching the Conversion Path Optimization (CPO) unit where she and her team have conducted hundreds of optimization tests for online companies across multiple verticals. She is a successful entrepreneur having started and sold 2 companies and remains on the board of directors of the third, PhotoSpin.com Stephanie began her career in the direct marketing realm creating and producing direct mail for many of the major cable television companies and directly attributes her understanding of Internet marketing to those early offline experiences. Stephanie is a graduate of San Diego State University with a BFA in Graphic Arts and also holds an Executive MBA from the Graziadio School of Business and Management at Pepperdine University. Read Steph's Blog Meet Steph and Dave Sign up for our Free 7-Day BootCamp: Self Employed & Rich - Visit Stephanie Robey's Website |
|||
|
To learn more about the Evan Elite Author Program please contact us. | |||
 | |
|  |
Subscribe to Marc's articles
 | |
|
|  |
 | |
|
| |
 | |||||||
|
 | ||
 |
||
 |
||
 |
||
|
| ||
 |
| Have you written articles that would be of value to entrepreneurs? Become an expert on our site by publishing them! Expose yourself to a wide audience, drive more traffic to your website and get more sales! Click Here for details. |
|
|
 |
| Modeling the Masters: Learn the true secrets behind Walt Disney's business success factors & grow your company! Video produced by Phanta Media |
|
|
 |
"Learn straight from Evan how you can Make a Full Time Income (And More) from a Website"
Click Here To Learn More |
|
|
|
|
Get advice & tips from famous business owners, new articles by entrepreneur experts, my latest website updates, & special sneak peaks at what's to come!
|
|
|
 Start Right Selling Shovels Top Author Mistakes Business Coaching Networking Online |
|
 | ||
 |
Top 50 SEO Posts - 2007
Top SEO Posts of the Year | |
 |
The Top 10 Guy Kawasaki Posts
Best Posts for Entrepreneurs | |
| ||
 | ||||
| ||||
|
| ||||
| ||||
|
|
|
|
|
||||||||||||
|
Email us your ideas on how to make our website more valuable! Thank you Sharon from Toronto Salsa Lessons / Classes for your suggestions to make the newsletter look like the website and profile younger entrepreneurs like Jennifer Lopez and Sean Combs!
|
|
|
| ||||||||||||
| ||||||||||||
|
|
||||||||||||