Jeffrey,
I think one of the important point will be acceptance by the business owners
and the management. Implementing a IAM will cost you a lot of money and will
cause you a huge development effort while inregrating the variuos applications.
Even a feasebility study will be one huge project by its own to decide weather
you rely on a IAM based on the mission critical apps or you go for full blown
system.
However, implementing an IAM will enhance the security and support the
operations. ROI figures will become one of the most important points during
evaluation. It isn't that easy, while the IAM will reduce cost on the one hand
side (less administration effort, support during reporting, etc) it will cost
you some money for development for your apps on the other hand.
Where to start? From my point of view, looking at your specific needs will
become crucial! Define your requirements, or at least what you think will be
better with an IAM and see how this will fit into you existend environment.
Start with some applications (not all at a time) but choose a solution whith
open standards. Decide (before choosing an IAM) what kind of apps you would
like to integrate and what kind of capabilities you expect.
To learn a little more about IAM, I have found that RSA has a good (solution)
description. I'm not quite sure if they have published it for free download,
but you can contact them for a RFI.
Good luck with the project
Cheers,
Maik
_______________________________
-----Original Message-----
From: Jeffrey Choi [mailto:jeffreychoi77@yahoo.com]
Sent: Dienstag, 12. Oktober 2004 06:16
To: security-management@securityfocus.com
Subject: Identity Management System
Dear All,
What would you consider when evaluating Identity Management System?
Anyone would like to share their experience of issues faced/solved during the
implementation life cycle?
Thanks a lot.
Jeffrey
_____
<http://uk.rd.yahoo.com/evt=21626/*http://uk.messenger.yahoo.com> ALL-NEW
Yahoo! Messenger - all new features - even more fun!
