Abstract image of a woman sitting on books and studying on a laptop

8 Pitfalls of Next Generation IAM Programs

Download as PPTX, PDF
D
Dave Shields

The document outlines eight pitfalls of next-generation identity management identified by Dave Shields, emphasizing the importance of planning, stakeholder engagement, and adaptability. Key solutions include forming an IAM roundtable, documenting core processes, defining business requirements, and planning for the entire identity lifecycle. Overall, it stresses that successful IAM implementation requires a collaborative approach and ongoing communication within organizations.

Technology
1 of 41
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
8 PITFALLS OF NEXT GENERATION IDENTITY MANAGEMENT Presented By: Dave Shields, Managing Director of Identity and Access Management – University of Oklahoma
About OU • Public funded, research institution in Oklahoma • Approximately 37,000 students, 12,000 Faculty/Staff • Spread across 3 campuses • Highly decentralized environment
IAM Program Reality Check • Just because you build it, doesn’t mean they will come… • Old processes die hard and new processes die easy. • Learn to ‘see’ the pitfalls and prepare for them.
Pitfall #1 – Bad Planning • Bad planning kills new ideas. • Just because you can buy it doesn’t mean you should. • IAM touches too many things to live in a vacuum.
Solution: Build a Roundtable! • Dedicate at least one person full time to IAM, more if you can. • Create a ‘think tank’ with people who have a stake in IAM. These stakeholders build buy-in for the program. • Your Roundtable can help your plans succeed. • Tribal knowledge is better than technical depth.
The IAM Roundtable at OU • Meets every other week and also maintains email communication outside of meetings • Meetings are open to anyone who wants to listen. (don’t create a wall) • Consists of Enterprise Architects, representatives from high impact areas, and rank and file employees with tribal knowledge.
Why? • Reduces power struggles, egomania and ‘manic planning.’ • Increases collaboration across the diverse structure of the university. • Shows a unified front against a problem that can’t be ignored. • Offers a basis for IAM Governance later on
Pitfall #2 – Garbage Processes • Existing processes may be good but they can also be part of the problem. • We don’t always realize a process is garbage until we examine it. • No matter how great your next generation IAM Platform is, it won’t fix a bad process if you replicate it.
Solution: Seek and Destroy • Spend a lot of time documenting core identity processes (i.e. how does an account get from here to there?) with those who know them best. • Break out the flow charts! • Illustrate processes to the owners. • If garbage is found, destroy (or recycle) it.
Scary Diagrams and Nice Colors
Scary Diagrams and Nice Colors
Why? • Documenting processes can help you find issues. • Many processes have never been documented and may only live in someone’s brain. • Once the process is documented, converting it to IAM logic will be that much quicker!
Pitfall #3 – Wrong Product Choice • The best product for your organization may not be the popular choice. • Don’t make IAM just a solution looking for a problem. • The Gartner Magic Quadrant is not the final word on what’s best!
Solution: Create Business Requirements • Craft a minimum of 5 Business Requirements, and hold the vendor(s) accountable! • Use your think tank (roundtable) and key stakeholders to determine what is really required for your IAM Platform. • The more feedback you have, the better the requirements will be.
Business Requirements for OU • We created 10 business requirements for OU and explained what each of these are: – BR01: Legacy Replacement – BR02: Secondary ID Source – BR03: Triangulation of Trust – BR04: Role Assignment/Mirroring – BR05: Integration with Existing Systems
Business Requirements for OU • We created 10 business requirements for OU and explained what each of these are: – BR06: Audit and Attestation – BR07: Platform Location (Cloud vs. On-Prem) – BR08: Academic Lifecycle of an Identity – BR09: Web Portal Experience – BR10: Independent Sustainment of IAM Platform
Example of Requirements: • BR03:Triangulation of Trust: – Successfully offer a web portal to request secondary ID’s – Successfully accept authentication from sources such as Facebook, Email, SSO, etc. – Successfully illustrate trust-based scoring – Successfully federate with InCommon – Capable of connecting collected data to AD accounts
Why? • Creating Business Requirements with the organization builds support and buy-in across the university. • Business requirements can be a deliverable for IAM. • If you know what you need, you’ll know which vendors don’t work for you. • You can do a ‘mini-RFP’ with your requirements.
Example of our Matrix
Pitfall #4 – Being Future-Blind • It’s very easy to think of IAM as strictly an internal process but it isn’t! • Your users are likely bringing their own identities and may or may not want to use them at your organization. • If your platform can’t do both internal and external ID management, it will not be useful.
Solution: Design for the Future • Do not limit your thoughts to just keeping the status quo… prepare for the future! • Can a user (or contractor) use your infrastructure even if they are in another country? • Consider the buzzwords: Internet of Things, Open Authentication, etc.
Fully Integrated IAM
Why? • IAM is not an application, it’s a platform • Digital natives seek a truly integrated approach. • Greater visibility on a single pane of glass. • One IAM to rule them all.
Pitfall #5 – We Require More Resources • Too many organizations don’t take IAM seriously enough from a resource standpoint. • Too few staff, stretched too thin. • Too may responsibilities, not enough manpower • Lack of direction and oversight. • Sorry, no money… 
Solution: Make an Actual IAM Team • Dedicate a team lead and one or two staff (initially) to IAM. • Do not try to offer time sharing of resources. • Beyond the core team, have a cross functional team that drives it for the greater good.
OU’s IAM Team Portfolio Identity Management IAM Platform Active Directory SSO (PingFederate) MFA (Duo) Access Management Network Access Control (ClearPass) Cloud DLP (CloudLock) Federated Access (InCommon)
Why? • Overuse of resources causes stagnation. • Allocating an actual team for the project ensures that it is staffed and funded. • If the IAM team has a portfolio of tools, it makes it easier to get that ‘single pane of glass’ for IAM.
Pitfall #6 – Lack of Engagement • IAM cannot live in a bubble. • If you don’t engage your organization’s stakeholders, the program won’t last long. • Everybody’s voice needs to be heard or they won’t hear yours!
Solution: Transparency & Communication • Make sure everybody that will listen to you knows what is going on! • An organization is not an organization without staff, visitors, contractors, etc. … get them engaged. • Don’t just ask managers and high-level employees, the rank and file employees have lots to share.
The Big Show and the IAM Email List • Consider creating an IAM Communications email or journal or social media path. • Prepare to create a method for governing your IAM Platform and data use • Invite your top vendor to offer a ‘big show’ demo where anyone can attend!
Why? • Keeping communication open gives more people a voice. • The more people that feel their voice is heard, the more support you have. • If one person has a concern about part of it, they aren’t the only one.
Pitfall #7 – Not Planning for the Lifecycle • It’s easy to focus too much on ‘active’ employees or vendors. • Sometimes others are ignored. • You cannot treat each stage the same!
Solution: Plan for the Full Lifecycle • You literally must think about IAM from the cradle to the grave. • Each stage in the lifecycle has its own requirements and needs. Plan for them! • Document all possible lifecycle stages and get feedback from someone in each group.
More Scary Diagrams and Nice Colors
Why? • An identity changes state many times throughout the lifecycle. • The lifecycle of an academic identity is very different than a corporate one. • Not just people have identities, so do devices and systems
Pitfall #8 – Not Expecting the Unexpected • You cannot predict everything • The deeper you get into IAM, the more ‘spaghetti’ you will find • People will be protective of their processes
Solution: Keep Things Fluid • No that it is not ‘if’ or ‘when’ your IAM scope will change but ‘how many times’ • Add some fluidity to timelines and deadlines • Learn when to draw the line without impacting your goals • Sometimes small steps are better than big strides
IAM@OU, 2 Years In • Timeline had to be moved at least 4 times. • Hidden dependencies added over 1000 hours to development time. • New systems became critical systems that were not accounted for in Discovery • Extensive human hours caused resource constraints in other departments
Why? • IAM is so large that teams do not always realize the scope until it’s too late. • Demanding hard timelines can reduce success of your IAM deployment • Innovation may not always appear at the beginning • You can’t build IAM alone
The New Reality of IAM • Open walls, processes and communication. • Touches everything in your organization. • Impacts everyone in your organization. • Can be the best piece of your organization… or the worst. • Integral to managing risk and security to your organization
Need more help? Keep in Touch! • Slides Available at the end of this presentation • Email: dshields@ou.edu • LinkedIn: https://www.linkedin.com/i n/daveshieldsok/

More Related Content

PDF
Bit by Bit: A Framework for Building Technological Competence as a Lawyer
Jack Pringle
 
PPTX
Bit by Bit: Effective Use of People, Processes and Computer Technology in the...
Jack Pringle
 
PDF
Publishing Strategic Technology for Association of Catholic Publishers
Craig Miller
 
PPTX
Synerzip’s Top 10 Take Aways, From Agile 2013
Synerzip
 
PPTX
IAM - One Year Later
Dave Shields
 
PPTX
Developing an IAM Roadmap that Fits Your Business
ForgeRock
 
PPTX
IAM Methods 2.0 Presentation Michael Nielsen Deloitte
IBM Sverige
 
PPTX
The Path to IAM Maturity
Jerod Brennen
 
Bit by Bit: A Framework for Building Technological Competence as a Lawyer
Jack Pringle
 
Bit by Bit: Effective Use of People, Processes and Computer Technology in the...
Jack Pringle
 
Publishing Strategic Technology for Association of Catholic Publishers
Craig Miller
 
Synerzip’s Top 10 Take Aways, From Agile 2013
Synerzip
 
IAM - One Year Later
Dave Shields
 
Developing an IAM Roadmap that Fits Your Business
ForgeRock
 
IAM Methods 2.0 Presentation Michael Nielsen Deloitte
IBM Sverige
 
The Path to IAM Maturity
Jerod Brennen
 

Similar to 8 Pitfalls of Next Generation IAM Programs (20)

PDF
Streamlining Identity and Access Management through Unified Identity and Acce...
happiestmindstech
 
PPT
The Path to Identity Access Management Assessment
pnorberto
 
PPT
EDUCAUSE_SEC10_Apr2010_Fed_Seminar_Final.ppt
PreethamS41
 
PDF
The Keys To A Successful Identity And Access Management Program: How Does You...
Dell World
 
PPTX
Identity and User Access Management.pptx
irfanullahkhan64
 
PDF
Building an Identity Management Business Case
Hitachi ID Systems, Inc.
 
PPTX
20170912_Identity_and_Access_Management.pptx
Anand Dhouni
 
PDF
Identity and Access Management 101
Jerod Brennen
 
PPTX
Identity & Access Management
 Project Challenges and Recovery
Hanno Ekdahl
 
PPTX
Identity and Access Management Introduction
Aidy Tificate
 
PPTX
A Practitioner´s Recommendations for successful IAM Programs
Horst Walther
 
PPTX
Flaws in Identity Management and How to Avoid Them
NetIQ
 
PPTX
Identity Management: A New Key Strategic Infrastructure
JISC Netskills
 
PDF
Enterprise Identity and Access Management Use Cases
WSO2
 
PPT
CAUDIT IAM Framework_v1.1
The University of Queensland
 
PPTX
Identity and Access Management Playbook CISO Platform 2016
Aujas
 
PPTX
8 Benefits of an Identity and Access Management Roadmap
Hanno Ekdahl
 
PDF
Ten Years of Identity and Access Management_ Key Takeaways by Keith Brautigam...
Keith Brautigam
 
PPT
IAM Solution
vikasraina
 
PPTX
Identity & Access Management - Securing Your Data in the 21st Century Enterprise
Lance Peterman
 
Streamlining Identity and Access Management through Unified Identity and Acce...
happiestmindstech
 
The Path to Identity Access Management Assessment
pnorberto
 
EDUCAUSE_SEC10_Apr2010_Fed_Seminar_Final.ppt
PreethamS41
 
The Keys To A Successful Identity And Access Management Program: How Does You...
Dell World
 
Identity and User Access Management.pptx
irfanullahkhan64
 
Building an Identity Management Business Case
Hitachi ID Systems, Inc.
 
20170912_Identity_and_Access_Management.pptx
Anand Dhouni
 
Identity and Access Management 101
Jerod Brennen
 
Identity & Access Management
 Project Challenges and Recovery
Hanno Ekdahl
 
Identity and Access Management Introduction
Aidy Tificate
 
A Practitioner´s Recommendations for successful IAM Programs
Horst Walther
 
Flaws in Identity Management and How to Avoid Them
NetIQ
 
Identity Management: A New Key Strategic Infrastructure
JISC Netskills
 
Enterprise Identity and Access Management Use Cases
WSO2
 
CAUDIT IAM Framework_v1.1
The University of Queensland
 
Identity and Access Management Playbook CISO Platform 2016
Aujas
 
8 Benefits of an Identity and Access Management Roadmap
Hanno Ekdahl
 
Ten Years of Identity and Access Management_ Key Takeaways by Keith Brautigam...
Keith Brautigam
 
IAM Solution
vikasraina
 
Identity & Access Management - Securing Your Data in the 21st Century Enterprise
Lance Peterman
 
Ad

Recently uploaded (20)

PPTX
The various Industrial Revolutions .pptx
bandileshozi3
 
PDF
Taming the Chaos: How to Turn Unstructured Data into Decisions
Safe Software
 
PDF
1 - Historical Antecedents, Social Consideration.pdf
tuazon2030627
 
PPTX
Modernising the Digital Integration Hub
Daniel Toomey
 
PDF
Developing a website for English-speaking practice to English as a foreign la...
IAESIJAI
 
PDF
Transform Your ITIL® 4 & ITSM Strategy with AI in 2025.pdf
PDCA Consulting
 
PDF
A novel scalable deep ensemble learning framework for big data classification...
IAESIJAI
 
PPTX
Benefits of Physical activity for teenagers.pptx
Nokwanda Thabethe
 
PDF
Hybrid horned lizard optimization algorithm-aquila optimizer for DC motor
IAESIJAI
 
PDF
A contest of sentiment analysis: k-nearest neighbor versus neural network
IAESIJAI
 
PDF
DP Operators-handbook-extract for the Mautical Institute
LeonelMejiaLarios
 
PDF
A Late Bloomer's Guide to GenAI: Ethics, Bias, and Effective Prompting - Boha...
Mindy Bohannon
 
PDF
Assigned Numbers - 2025 - Bluetooth® Document
Bloombase
 
PDF
August Patch Tuesday
Ivanti
 
PDF
TrustArc Webinar - Click, Consent, Trust: Winning the Privacy Game
TrustArc
 
PDF
Hindi spoken digit analysis for native and non-native speakers
IAESIJAI
 
PPT
Geologic Time for studying geology for geologist
ssuser738f5a
 
PPTX
MicrosoftCybserSecurityReferenceArchitecture-April-2025.pptx
SilvioHayashi
 
PDF
How ambidextrous entrepreneurial leaders react to the artificial intelligence...
IAESIJAI
 
PDF
Architecture types and enterprise applications.pdf
ChristopherTHyatt
 
The various Industrial Revolutions .pptx
bandileshozi3
 
Taming the Chaos: How to Turn Unstructured Data into Decisions
Safe Software
 
1 - Historical Antecedents, Social Consideration.pdf
tuazon2030627
 
Modernising the Digital Integration Hub
Daniel Toomey
 
Developing a website for English-speaking practice to English as a foreign la...
IAESIJAI
 
Transform Your ITIL® 4 & ITSM Strategy with AI in 2025.pdf
PDCA Consulting
 
A novel scalable deep ensemble learning framework for big data classification...
IAESIJAI
 
Benefits of Physical activity for teenagers.pptx
Nokwanda Thabethe
 
Hybrid horned lizard optimization algorithm-aquila optimizer for DC motor
IAESIJAI
 
A contest of sentiment analysis: k-nearest neighbor versus neural network
IAESIJAI
 
DP Operators-handbook-extract for the Mautical Institute
LeonelMejiaLarios
 
A Late Bloomer's Guide to GenAI: Ethics, Bias, and Effective Prompting - Boha...
Mindy Bohannon
 
Assigned Numbers - 2025 - Bluetooth® Document
Bloombase
 
August Patch Tuesday
Ivanti
 
TrustArc Webinar - Click, Consent, Trust: Winning the Privacy Game
TrustArc
 
Hindi spoken digit analysis for native and non-native speakers
IAESIJAI
 
Geologic Time for studying geology for geologist
ssuser738f5a
 
MicrosoftCybserSecurityReferenceArchitecture-April-2025.pptx
SilvioHayashi
 
How ambidextrous entrepreneurial leaders react to the artificial intelligence...
IAESIJAI
 
Architecture types and enterprise applications.pdf
ChristopherTHyatt
 
Ad

8 Pitfalls of Next Generation IAM Programs

  • 1. 8 PITFALLS OF NEXT GENERATION IDENTITY MANAGEMENT Presented By: Dave Shields, Managing Director of Identity and Access Management – University of Oklahoma
  • 2. About OU • Public funded, research institution in Oklahoma • Approximately 37,000 students, 12,000 Faculty/Staff • Spread across 3 campuses • Highly decentralized environment
  • 3. IAM Program Reality Check • Just because you build it, doesn’t mean they will come… • Old processes die hard and new processes die easy. • Learn to ‘see’ the pitfalls and prepare for them.
  • 4. Pitfall #1 – Bad Planning • Bad planning kills new ideas. • Just because you can buy it doesn’t mean you should. • IAM touches too many things to live in a vacuum.
  • 5. Solution: Build a Roundtable! • Dedicate at least one person full time to IAM, more if you can. • Create a ‘think tank’ with people who have a stake in IAM. These stakeholders build buy-in for the program. • Your Roundtable can help your plans succeed. • Tribal knowledge is better than technical depth.
  • 6. The IAM Roundtable at OU • Meets every other week and also maintains email communication outside of meetings • Meetings are open to anyone who wants to listen. (don’t create a wall) • Consists of Enterprise Architects, representatives from high impact areas, and rank and file employees with tribal knowledge.
  • 7. Why? • Reduces power struggles, egomania and ‘manic planning.’ • Increases collaboration across the diverse structure of the university. • Shows a unified front against a problem that can’t be ignored. • Offers a basis for IAM Governance later on
  • 8. Pitfall #2 – Garbage Processes • Existing processes may be good but they can also be part of the problem. • We don’t always realize a process is garbage until we examine it. • No matter how great your next generation IAM Platform is, it won’t fix a bad process if you replicate it.
  • 9. Solution: Seek and Destroy • Spend a lot of time documenting core identity processes (i.e. how does an account get from here to there?) with those who know them best. • Break out the flow charts! • Illustrate processes to the owners. • If garbage is found, destroy (or recycle) it.
  • 10. Scary Diagrams and Nice Colors
  • 11. Scary Diagrams and Nice Colors
  • 12. Why? • Documenting processes can help you find issues. • Many processes have never been documented and may only live in someone’s brain. • Once the process is documented, converting it to IAM logic will be that much quicker!
  • 13. Pitfall #3 – Wrong Product Choice • The best product for your organization may not be the popular choice. • Don’t make IAM just a solution looking for a problem. • The Gartner Magic Quadrant is not the final word on what’s best!
  • 14. Solution: Create Business Requirements • Craft a minimum of 5 Business Requirements, and hold the vendor(s) accountable! • Use your think tank (roundtable) and key stakeholders to determine what is really required for your IAM Platform. • The more feedback you have, the better the requirements will be.
  • 15. Business Requirements for OU • We created 10 business requirements for OU and explained what each of these are: – BR01: Legacy Replacement – BR02: Secondary ID Source – BR03: Triangulation of Trust – BR04: Role Assignment/Mirroring – BR05: Integration with Existing Systems
  • 16. Business Requirements for OU • We created 10 business requirements for OU and explained what each of these are: – BR06: Audit and Attestation – BR07: Platform Location (Cloud vs. On-Prem) – BR08: Academic Lifecycle of an Identity – BR09: Web Portal Experience – BR10: Independent Sustainment of IAM Platform
  • 17. Example of Requirements: • BR03:Triangulation of Trust: – Successfully offer a web portal to request secondary ID’s – Successfully accept authentication from sources such as Facebook, Email, SSO, etc. – Successfully illustrate trust-based scoring – Successfully federate with InCommon – Capable of connecting collected data to AD accounts
  • 18. Why? • Creating Business Requirements with the organization builds support and buy-in across the university. • Business requirements can be a deliverable for IAM. • If you know what you need, you’ll know which vendors don’t work for you. • You can do a ‘mini-RFP’ with your requirements.
  • 19. Example of our Matrix
  • 20. Pitfall #4 – Being Future-Blind • It’s very easy to think of IAM as strictly an internal process but it isn’t! • Your users are likely bringing their own identities and may or may not want to use them at your organization. • If your platform can’t do both internal and external ID management, it will not be useful.
  • 21. Solution: Design for the Future • Do not limit your thoughts to just keeping the status quo… prepare for the future! • Can a user (or contractor) use your infrastructure even if they are in another country? • Consider the buzzwords: Internet of Things, Open Authentication, etc.
  • 23. Why? • IAM is not an application, it’s a platform • Digital natives seek a truly integrated approach. • Greater visibility on a single pane of glass. • One IAM to rule them all.
  • 24. Pitfall #5 – We Require More Resources • Too many organizations don’t take IAM seriously enough from a resource standpoint. • Too few staff, stretched too thin. • Too may responsibilities, not enough manpower • Lack of direction and oversight. • Sorry, no money… 
  • 25. Solution: Make an Actual IAM Team • Dedicate a team lead and one or two staff (initially) to IAM. • Do not try to offer time sharing of resources. • Beyond the core team, have a cross functional team that drives it for the greater good.
  • 26. OU’s IAM Team Portfolio Identity Management IAM Platform Active Directory SSO (PingFederate) MFA (Duo) Access Management Network Access Control (ClearPass) Cloud DLP (CloudLock) Federated Access (InCommon)
  • 27. Why? • Overuse of resources causes stagnation. • Allocating an actual team for the project ensures that it is staffed and funded. • If the IAM team has a portfolio of tools, it makes it easier to get that ‘single pane of glass’ for IAM.
  • 28. Pitfall #6 – Lack of Engagement • IAM cannot live in a bubble. • If you don’t engage your organization’s stakeholders, the program won’t last long. • Everybody’s voice needs to be heard or they won’t hear yours!
  • 29. Solution: Transparency & Communication • Make sure everybody that will listen to you knows what is going on! • An organization is not an organization without staff, visitors, contractors, etc. … get them engaged. • Don’t just ask managers and high-level employees, the rank and file employees have lots to share.
  • 30. The Big Show and the IAM Email List • Consider creating an IAM Communications email or journal or social media path. • Prepare to create a method for governing your IAM Platform and data use • Invite your top vendor to offer a ‘big show’ demo where anyone can attend!
  • 31. Why? • Keeping communication open gives more people a voice. • The more people that feel their voice is heard, the more support you have. • If one person has a concern about part of it, they aren’t the only one.
  • 32. Pitfall #7 – Not Planning for the Lifecycle • It’s easy to focus too much on ‘active’ employees or vendors. • Sometimes others are ignored. • You cannot treat each stage the same!
  • 33. Solution: Plan for the Full Lifecycle • You literally must think about IAM from the cradle to the grave. • Each stage in the lifecycle has its own requirements and needs. Plan for them! • Document all possible lifecycle stages and get feedback from someone in each group.
  • 34. More Scary Diagrams and Nice Colors
  • 35. Why? • An identity changes state many times throughout the lifecycle. • The lifecycle of an academic identity is very different than a corporate one. • Not just people have identities, so do devices and systems
  • 36. Pitfall #8 – Not Expecting the Unexpected • You cannot predict everything • The deeper you get into IAM, the more ‘spaghetti’ you will find • People will be protective of their processes
  • 37. Solution: Keep Things Fluid • No that it is not ‘if’ or ‘when’ your IAM scope will change but ‘how many times’ • Add some fluidity to timelines and deadlines • Learn when to draw the line without impacting your goals • Sometimes small steps are better than big strides
  • 38. IAM@OU, 2 Years In • Timeline had to be moved at least 4 times. • Hidden dependencies added over 1000 hours to development time. • New systems became critical systems that were not accounted for in Discovery • Extensive human hours caused resource constraints in other departments
  • 39. Why? • IAM is so large that teams do not always realize the scope until it’s too late. • Demanding hard timelines can reduce success of your IAM deployment • Innovation may not always appear at the beginning • You can’t build IAM alone
  • 40. The New Reality of IAM • Open walls, processes and communication. • Touches everything in your organization. • Impacts everyone in your organization. • Can be the best piece of your organization… or the worst. • Integral to managing risk and security to your organization
  • 41. Need more help? Keep in Touch! • Slides Available at the end of this presentation • Email: dshields@ou.edu • LinkedIn: https://www.linkedin.com/i n/daveshieldsok/

Editor's Notes

  • #6: Use the power of many to influence the rejection of the few. Make sure to look for people who you might not normally think of for a ‘governance’ type board but have special skills to help your purpose.
  • #7: We work through all IAM related activities as a team If one member of the roundtable has rapport with a specific group, let that person handle that group Democratically designed
  • #8: When more people are involved in the decision, as long as they have a combined cause, they tend to fight less over who does what A roundtable doesn’t lend itself to having one person be ‘the only person’ on a project so IAM doesn’t become “Dave’s Project” Many more projects at OU than I would like to admit have been the result of manic planning. Your roundtable can share the load and plan different parts together If you require others to help you reach ‘big decisions’ then you are increasing collaboration across the entire university When you have several people from all different walks of life working together, your approach becomes more unified and centralized
  • #9: There is nothing wrong with processes that have stood the test of time. The question is… did they pass the test of time or did everything else follow because it had to? Processes can be developed over years and decades and sometimes as a result of a firestorm, it may be that it was good when it was made but it needs to be examined for relevance You can have the most powerful IAM platform ever that spits out processes in realtime but if you feed it garbage, it’s going to spit out garbage.
  • #10: If your IAM isn’t there to solve problems, why are you building it? You need to document the processes so you can put it into IAM but this may be the time to figure out what you don’t need in the new IAM world If you are a visual person, diagrams and flowcharts are amazingly useful. You might even be able to show a process owner things about their process they didn’t realize. Whatever you do, don’t bring the garbage into IAM, it will only make it stink.
  • #11: After meeting with all stakeholders, this is what we determined was how identities came to be. Don’t try to stare too hard, you’ll go blind. But this diagram served to show all things about identity and has been infinitely useful
  • #12: Don’t stare too hard, you’ll go blind! This diagram taught us how employees get their identities started. We found an area where things were being hand-keyed and likely causing some issues.
  • #13: You would be surprised at how many people asked if they could keep copies of these documents because nothing else was documented like this Those who keep processes in their brain are either going to be happy that you took that load off them or they may be nervous about giving up control of their ‘baby’. Many of the diagrams we made became the core documents for our IAM POC build and this can be used in the Production build, too.
  • #14: Everybody has those leaders in the organization who believe that only Gartner (or Forrester) are the best there is The way they evaluate products is for a much more generalized audience and there are few things that are ‘general’ in Higher Ed Even Gartner says “Just because it’s in the top right doesn’t mean it’s the best for you!”
  • #15: Consider putting your product choices in a Matrix and using it to review the material at hand. Your roundtable knows what is important to certain groups and they can help you decide. Share the requirements as much as you can with other parts of your university so that you can have lots of feedback.
  • #18: I picked this one because it was one of the most unique requirements we came up with and it really challenged a number of vendors.
  • #19: You need buy in to achieve success If your leadership wants to measure what you are doing, the requirements list or documents can be a great deliverable Picking the best vendor is much easier when you prepare accordingly. Explain how we used the requirements matrix to serve as a mini-RFP.
  • #20: Explain how you checked each vendor and scored them (0, 1, 2) Total the columns at the bottom and you can see which solution seems to do the most for your organization.
  • #21: The thing about the future is that it quickly becomes the present and soon the past IAM has to be able to do things inside your walls and outside If there is a paradigm shift in the way students communicate (such as Social Media in our time), your IAM may not be control that Make your platform work for how you work now and how you MAY work in the future.
  • #22: The future of education rests in the hands of those who are willing to reinvent it. You could be one of them. Yes, there are security concerns inherent in allowing other countries but that doesn’t mean you must avoid it The buzzwords of today will become the technology of tomorrow.
  • #23: What if your IAM future was a fully integrated system that could handle an almost endless list of sources and systems? Think outside of your university walls just as much as you think within.
  • #28: If the primary resources for IAM have other commitments, it’s that much easier to ‘kick the can down the road.’