Feature

Three Pitfalls to Avoid

Ezine

This article can also be found in the Premium Editorial Download "Information Security magazine: Special manager's guide: Monitoring identities."

Download it now to read this article plus other related content.

How to avoid the common pitfalls of ID and access management.


On paper, it sounds simple: Make sure the right people have secure access to the right information. But tackling identity and access management can be a complex undertaking. The pitfalls aren't unlike other technology implementations that require project managers to understand the appropriate scope and avoid technology creep.

Take Steve Banyai, CIO of Bridgepoint Health. He wanted to integrate all of his organization's applications into a single portal so its 1,200 users could have access to data regardless of their location. The rollout took eight months from start to finish, and during that time Banyai needed to step in numerous times to keep the project moving smoothly.

First, he jump-started the evaluation process. "One of the smartest moves I made was not spending time vacillating on the pros and cons of each product," he says. "There is only so much testing you can do."

Then, he tightened the reins when his team began implementing technology for technology's sake. "I kept reminding the group that we needed to remember the business needs, not just the technology needs," recalls Banyai.

    Requires Free Membership to View

More information from SearchSecurity.com

Learn how to establish and maintain an effective identity and access management plan in Identity and Access Management Security School.

Visit our resource center for tips and expert advice on implementing identity management and access control measures.

He inserted himself a third time when Bridgepoint's and its vendors' vision for the project began to drift. "Getting alignment back to the vision is very important. When there isn't that alignment, you can get into a technology quagmire."

Banyai is hardly alone. Each of the dozen users and vendors we spoke with shared similar headaches when deploying identity and access management projects. Here are three problem areas--people, process and technology--and ways to avoid such pitfalls.

This was first published in August 2006

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: