Identity management implementations tend to be long, complex, multiyear affairs. Even if a company is investing in a complete suite of identity management (IdM) products, one must be careful not to plan for a one time clean break with the existing IdM set up already in place, however antiquated or inefficient it may be.
Phasing identity management implementations is a key best practice in IdM implementation strategies. Properly breaking the IdM implementation into meaningful chunks not only provides quick wins that help you forge ahead, besides ensuring that the new implementation doesn’t disrupt the existing IdM infrastructure – and as anybody who has implemented IdM projects will tell you, this is one of the biggest fears of a new IdM project – what’ll it to do to my current system?
Identity what are the immediate pain points that your IdM deployment can fix quickly with the least disruption to existing operations. Maybe Single Sign-On or Password Management policies are the areas that are causing most of the headaches in the current system. You probably should design your implementation strategy to solve these two issues first. If compliance related issues are at the top of the wish list, then you should probably first implement the attestation, separation of duties and related compliance components of the IdM system.
A meaningful phasing in of large IdM implementations brings forth increased support and commitment from the organization because you’ve successfully demonstrated the usefulness of the new IdM system by solving the burning IdM issues at the outset. By doing this, you not only reassure the organization that the new system will be help rather than a hindrance, but also show the ROI of the new IdM system.