The list of cons is just as long as the list of advantages, however. There's no such thing as a best practice when...
it comes to implementing a provisioning system, but there are several essential steps necessary for making it work successfully:
- You must define, and modify, if necessary, every process for account creation/modification/deletion.
- You must meet with each business person who will be a source/recipient of account information and gain consensus on the business practices and data handling that will be used by the provisioning system.
- You must configure and map the data to every system connected to the provisioning system.
- You must define the workflow authorizations for each resource.
- Existing accounts will not be in the system and must be imported through an alternative process in order for the automated provisioning product to recognize them.
- You must define audit/reporting formats, as well as dates and times of audit execution.
- You must build the front-end request forms and reports that will be generated.
- You must change your business processes.
- Finally, you must protect the provisioning system from unauthorized access due to the sensitive nature of the operations.
But perhaps the biggest con is the cost: Provisioning systems aren't cheap. And on top of that, in order to execute each of the statements above, I generally take the price of the provisioning system and multiply it by six -- since vendors don't typically consider the true cost associated with an implementation -- to get a more accurate estimated cost of deployment.
Dig Deeper on Privileged access management
Related Q&A from Randall Gamby
Enterprise SSO products have matured over the years, so what's the state of eSSO today? Expert Randall Gamby discusses. Continue Reading
Enterprises need a full understanding of the FIDO authentication framework before switching to its technology. Expert Randall Gamby looks at the most... Continue Reading
A self-managed HSM appliance may be the safer external key management system to use with your organization's encryption keys. Here's why. Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.