Information Technology Reference
In-Depth Information
Introduction
When you read the literature or talk to the experts, you may come away
with the impression that IAM (Identity and Access Management)
2
is a huge
and complex domain.
In our experience, that's just not true. Like SOA (Service -Oriented
Architecture), IAM may not be easy. But it is simple
3
. Here is essentially the
value that Identity and Access Management adds to your business functions:
Fig 5: IAM Functions
Once you understand some simple principles, you can very quickly see what
needs to be done to enable this, and (with some guidance) even how to do
it. But ah, actually doing it is the killer! It takes political will, a battering ram
and very thick skin to be able to steer an organisation to a simpler place,
from which point onwards (funnily enough), everything becomes easy as
well.
What actually happens in practice? Faced with a task that is simple but not
easy, organisations generally do the most expedient thing. They go out and
buy a product. Because buying a product is easy.
A couple of years and oodles of dollars later, organisations then wonder why
the promised goodies failed to materialise. The honest ones organise a
court-martial and a firing squad. The dishonest ones (the majority) tend to
declare victory regardless. In one egregious case, an organisation we know
2
To be exact, Identity Management includes Access Management, so we will refer to
the combined capability as IAM (Identity and Access Management) throughout this
document, although the common industry term seems to be just Identity
Management.
3
By way of analogy, “Don't tell lies” is a simple principle, but not an easy one to
follow!
