Identity and access management (IAM) engineers are in high demand. We often hear from customers that the one key person who was knowledgeable about their IAM solution and future needs has moved on to another position leaving the current staff with a gap in knowledge, expertise, and next steps. This causes stress and extra time spent becoming familiar with what’s in place, gaining the knowledge to understand the details, and identifying key next steps to move forward with needed Identity goals. Worst of all, they are left with an empty role--there is no one to fulfill those needs and get (or keep) the IAM environment up and running as expected.
If you are in a situation like this, an Identity & Access Management Evaluation can help to fill the knowledge gap and position you to better withstand the comings and goings of key personnel in the future. The result of the evaluation not only will provide a clear view into what your IAM current state looks like but taking into account goals, will also provide what the future state could look like.
What to Look for in an IAM Evaluation
To be truly useful, an IAM evaluation requires several important components. The starting point should include discussions and detailed interviews with key area stakeholders within your institution or organization. In addition to the current state of your IAM System, these discussions can often bring up forgotten needs that have been pushed aside in favor of other priorities. Hearing the different points of view, requirements, and goals throughout your organization helps clarify both your current and long-term Identity priorities.
An effective evaluation also includes a review of your existing documentation and infrastructure. Among other things, this will provide information about whether you are well-positioned to withstand staffing changes and how your IAM solution stacks up against current best practices and policies. Combined with the discussions and interviews, the existing documentation and infrastructure review provide sufficient content to confidently document your IAM current state, goals, and future needs.
The deliverable for an effective IAM evaluation includes a clear statement of your goals, objectives, and business needs. Ideally, the evaluation will include a comprehensive summary of the current state of your IAM solution, any identified gaps along with future state recommendations. The assumption is that all of this is documented by reflecting on the goals provided during the initial discussions.
Lastly, a high-level roadmap to guide implementation should be provided which includes addressing your immediate infrastructure and documentation needs as well as providing guidance and recommendations for your decision making around future next steps, both strategic and tactical.
Why Do an IAM Evaluation?
A complete Identity & Access Management evaluation provides an accurate and comprehensive view of the current state of your IAM solution. It allows you to make informed choices based on your needs and priorities allowing you to manage your current system and enhancements in a more efficient and cost-effective manner. It ensures that you are aligned with best practices and industry standards while meeting Identity goals and fulfilling objectives. Finally, it provides a recommendation of what the future state architecture could be, including a high-level roadmap to get there successfully.
It can be frustrating when a key IAM person moves on, leaving behind uncertainty and knowledge gaps--especially in a functional area that is so critical to the success of an organization. A comprehensive and well-crafted IAM evaluation can protect you from the consequences of staff transitions and ensure that you will be able to make the right choices to move your IAM system forward in the future.
As the Spring semester is coming to a close, there’s still time to develop a firm understanding of your Identity & Access Management System so you’ll be prepared for the Fall semester.
