Setting Expectations for IAM Deployments

Identity Management (IdM) is like most other technologies in which organizations invest to gain improvement. The initial purchase of a software license and downloading the bits is only the beginning of the journey. The tool must then be integrated into what is often a very complex environment. Then there are the people and processes, oh… and the training (“Well, we didn’t budget for all that.”).

A few decades back, I was working in my first official sales job going door-to-door in Pike County, Kentucky selling Bibles. I was in the middle of my third summer doing this illuminating endeavor when I found myself sitting on the front porch talking to a thirty-something year old man who still lived with his mother and weighed over three hundred pounds. I was showing him one of my products and said, “Now if you don’t like that, you don’t like chicken on Sunday.” That got us talking about food, which led to him describing the delicacies of his mother’s biscuits. “Oh, they’re something else,” he said. “I’ll sit down and eat thirty of ‘em in one sitting… now that’s hiding ‘em!”

I couldn’t help looking at his girth and thinking, “Buddy, you ain’t hiding a thing. Those biscuits are THERE!”

There are some things that should be just as obvious to us in the technology space. In IdM, we often look at the license cost of a tool for Identity Governance and Administration (IGA) and think that’s the majority of the budget needed. The reality with an IGA implementation is that we often discover significant additional costs with all the data sources, applications, and the human capital involved in defining the client’s organizational processes and policies.

To make matters worse, as IdM salespeople, we typically want to minimize the cost of services to the overall project so we can maximize our license fee and close the deal (no surprise, that’s how we are paid). But once the client is in the middle of the project, the real total cost of ownership (TCO) naturally emerges and becomes glaringly obvious. Just like the biscuit man, it’s a reminder that we “ain’t hiding a thing.”

In full transparency, when I was selling identity access management (IAM) software as an individual contributor or if I was in an executive meeting for an IAM solution presentation, I cautioned my customers, “The license cost is only part of this project. As a rule of thumb, you should expect to spend at least as much for services, if not more. Sometimes it’s double the license cost, depending on the complexities of your environment. Oh, and your people will need to be involved from the beginning because we aren’t responsible for creating the policies and processes for how you grant authorization to an application.”

Are there project casualties in the technology and cybersecurity space? Not just those of hackers finding a successful attack vector or a new exploit… but of failed projects? I’ve heard many stories.

Earlier this year, I sat in on a project kickoff with our integration partner and their new customer. The client’s Vice President of Engineering expressed concern over our project timeline. “We just spent the two previous years on an identity project that never went into production.” It reminded me that simply selecting the best, market-leading software solutions is no guarantee for success.

The last thing any leader wants is a failed project for lack of preparation or proper planning, which leads to unexpected costs. When that happens, there ain’t hiding a thing!

Give us a call or send me an email to learn how we help our clients (including some of the major integration players in the IAM service industry) create successful identity project deliveries that achieve all the timeline objectives – and stick to the budget with no surprises!

Author: George Miller, IAAS Vice President of Sales

GeorgeMiller