Page 3

: Challenges">

Despite a host of vendors out there, some implementation issues have yet to be solved.

In addition to the time and investment required to get identity management done, there are several other challenges.

According to Yankee's Waterfield, there are more than 100 software vendors. Small niche vendors own corners of the market, but suite vendors such as IBM and Computer Associates are developing software that addresses all areas of identity management.

Deciding which type of company you should partner with depends on the size and complexity of your firm, how far along you are in deployment and how extensive your rollout would be.

A Fortune 50 company with 50,000 employees and 12 divisions, for example, may be better off with a suite of tools from one vendor. If your company operates mainly on one platform, then it's probably best to go with the suite from that same vendor.

Not surprisingly, integration of different platforms is a constant frustration.

"Where it gets wild," says META's Perkins, "is when you want to buy one product that can, say, provision the users of applications that run on different platforms. There are vendors that provide capabilities to do that, but it's no trivial activity. The suite vendors may allow you to mix platforms, but let's face it, it's going to work best on the vendor's own platform."

Jaime Sguerra, second vice president and chief architect at Guardian Life Insurance Co., says integration issues presented the largest problem in his firm's identity management rollout.

"We had data in a proprietary repository, and we spent quite a bit of time extracting it."

Eventually they were able to integrate the systems with identity management software from IBM.

Smaller companies should generally look at targeted solutions, but don't limit yourself. If your business uses a lot of contract or part-time employees, you may need more than one tool.

Gartner's Witty says that managing the identities and access controls of part-time or outsourced workers is a growing issue that many companies overlook.

Perkins adds that data cleanliness—and consolidation—is also an important consideration.

"Look at where your directory, authentication and authorization services are. How clean and structured are they? You don't want to do identity management in a company that has 300 directories and databases of identity repositories. Know what your identity infrastructure looks like and get the data integrity as clean as possible."

Finally, systems and applications might briefly slow down if many people log in to the system at the same time (in the morning when employees first sign on, for example) or if a hacker attempts a denial of service attack.

But generally "identity management isn't considered a system performance issue," says Perkins.

Ask Potential Vendors:
  • Can your product operate across multiple platforms?

    Tell Your IT Department:
  • We need to clean and consolidate our identity repositories.

    Ask Your Chief Security Officer:
  • How will we benchmark our progress and monitor success?

  • This article was originally published on 09-01-2004
    eWeek eWeek

    Have the latest technology news and resources emailed to you everyday.