Increasingly, the pressure to cut costs, conflicting with the need to tighten control of system access, means sleepless nights for CIOS. Solutions for enterprise-wide identity management and provisioning offer a realistic solution. However, introducing them is a highly complex task and demands a sound methodology to ensure that the desired return on investment is achieved, and that the projects do not get out of hand.
The topic of security is precarious as it is, and has been further exacerbated by the increasing use of Web applications and access permission for external users such as customers or partners. But greater security is not the only incentive offered by central provisioning. There is
* A high potential for rationalisation
* A growing number of users can he managed without an increase in costs
* New employees can receive access rights far more quickly
* Rights can be revoked much more simply for employees who change posts or leave the company. In this way, some 90% of a security administrators routine manual activities can be automated.
Currently these changes usually have to he made by the different administrators of the various technology platforms RACF, Top Secret, Windows NT/2000, NetWare or UNIX for example for each application. This involves considerable work and is consequently often neglected in practice. However, the accumalisation of rights from an employees different posts at the company, or the failure to withdraw access permissions, harbours a high risk of data theft or sabotage that, given the difficulty in quantifying it, is frequently ignored in ROI calculations.
Provisioning solutions pay off here thanks to the effect of automation alone.
In addition identity management reduces the workload on the administration and help desk teams thanks, to features such as single sign-on and automatic password resetting, Users no longer have to remember a different password for each system or even application, but can obtain automatic access to all the relevant systems by entering a single password.
The result: the help desk no longer needs to he contacted because users have forgotten their passwords or IDs, which means up to fifty percent fewer queries addressed to the help desk ,queries that cost 15 US dollars each, according to estimates. Accordingly, the prospects for a high ROI with identity management are extremely enticing provided that the implementation project runs on time and within the defined budget.