In organisations with no established practise of IAM, introducing it can be an uphill battle. Attempts to introduce IAM for its own sake are often not successful – you need something else driving the project, something high profile with fixed deadlines and high-level sponsorship within the organisation.
IAM can’t be implemented like a layer over the top of whatever account management exists today; it’s got to get right in there, modifying the data, making decisions based on its rules, changing things.
And it can take a surprising amount of work to prepare connected systems for IAM. Existing accounts must be properly identified, inconsistencies in the data must be tidied up. This can be tedious work and it’s not surprising that it goes to the bottom of the pile until the pressure is on.
What this means is that IAM is repeatedly put on hold until some other project with a bigger budget and importance to the business is depending on a well-managed, reliable identity layer. Suddenly the doors open and the IAM project is on – by next week if at all possible. And while we’d like more time to do the job it is certainly better than an IAM project that drifts on for years, mired in politics and apathy, and not delivering on a fraction of its potential.
So what can you do if you’re the one trying to push a flagging IAM project through without this type of over-arching project to get everyone’s minds focussed? All I can say is be ready: have your facts and figures on hand, be able to point out where IAM is hindering progress in other areas – and hopefully people will eventually get the message.
