Choosing the best IAM Suite for your Organization: Criteria Checklist
An Identity and Access Management solution (IAM) can make or break your organization’s security posture. There is no one ‘right’ solution since the solution that you choose will depend on any number of factors: the size of your organization (will decide the scope of the solution); the level of granularity you need (will decide how feature-rich you want it to be); your budget, etc.
Some criteria to consider when evaluating IAM solutions:
On-premise or cloud-based?
This choice depends on your business objectives. On-premise solutions are perceived as more secure, and allowing the enterprise greater control over the location of data. However, a cloud solution can be implemented faster, is flexible and scalable, and cheaper to deploy. Many solutions in the market today are a hybrid of the two, and may best suit your needs.
How interoperable is the solution?
Look for a solution that can be easily integrated with various types of directories, any third-party authentication systems that you use, as well all the applications that your employees, customers and vendors need access to.
A point solution or full IAM suite?
The initial payout on point solutions may be lower, but deploying a full IAM suite confers long-term benefits that outweigh the higher upfront investment. A full-features suite covers all aspects of identity and access management, doing away with the need to invest in multiple point solutions; thus reducing complexity as well as resulting cost of integration.
Does the solution offer a high level of automation?
An automated IAM solution reduces effort around provisioning and de-provisioning. For instance, the identity and access components will be integrated such that a change in job role (hence, user identity) will automatically change associated access rights. The automation of provisioning, re-provisioning, and de-provisioning reduces time and effort spent, as well as human error.
Does the solution cover reporting and auditing requirements?
The complex nature of compliance necessitates a tool that goes beyond identity and access management to aggregate and track audit logs. Such tools monitor events and alert users to possible compliance violations.
Does the solution offer self-service features?
Self-service features enable productivity. Features such as password resets and unlocking accounts, when available through a secure and self-service portal, take away the necessity for a fully functioning help desk, driving down costs and increasing the efficiency of employees.
Does the solution have a friendly, customizable user interface?
A solution with sophisticated dashboards offers a high-level overview that is of great value to business users.
Finally, look for a solution that is scalable and highly available, especially when it comes to key functions such as provisioning, authentication, and access management. Additionally, it should not just answer your current needs but also have the potential to evolve and scale up to meet planned future needs.
As important as the solution is the implementation team that you choose to deploy it. A good implementation partner can ensure quick deployment with a rapid return and minimum business disruption. To determine the right implementation partner for your needs, consider:
· Location (single point or multiple) and geographical reach of the company
· Skill base and service offerings
· Managed Services capability (if that is what you are eventually heading towards)
· Agility and flexible pricing models
· Expertise in the chosen solution
· Ability to offer round-the-clock support
· Service Level Agreement
Look for an implementation partner with the necessary expertise, resources, and capabilities to help you with a complex implementation and post-implementation support. Do not forget to ask around and listen to what the market has to say about the company.