How To Succeed in Identity Management Without Really Trying

I do identity management the manual way! If it works and I control it then there I stay!
The Company Way – How to Succeed in Business Without Really Trying

When I was a kid my parents took me to see Matthew Broderick in “How to Succeed in Business Without Really Trying”, a show that pokes fun at American corporate culture. This song is about an employee that’s been running the mail room (application) for 20 years and doesn’t want ANY new ideas (on identity management). This song really sticks out to me after some recent discussions and meetings on why identity management can be so hard to sell internally and how you can do it effectively. The key is to solve small, simple problems first and then begin integrating enterprise applications.

Why is it so hard to sell to your stakeholders? You know its important for numerous reasons that I don’t really need to get into detail here. You know it increases usage, provides better security and increases visibility so why do your application owners fight it so much? There’s really two reasons:

  • Any external dependency outside of they’re control is a risk to their success
  • They’ve all been burned with the same promises

When trying to sell identity management to your stakeholders, you need to remember to see things from their perspective. You might be trying to do something that will help the enterprise, they’re trying to keep their customers happy and that often means rocking the boat as little as possible.

“Wait, you said I could do this without really trying…this seems like a really hard argument to make!” Well, you’re right. It is. So many identity management initiatives fail because they try to accomplish too much. They are trying to do everything for everyone and fail, miserably. Its not always a reflection on the product and rarely a reflection on the team doing the implementation.
It’s because the people you are integrating with’s goals aren’t aligned with your goals and they’re skeptical you can help them. Even with “executive” direction you’ll often receive the bare minimum of cooperation to please the powers that be and the one who looks bad is the one who tried something different.

So how do you make this easy? Like I said before, think small. Identify a problem you, as the person who will own the implementation and be responsible for its success, have an issue with. Do you maintain a private cloud but need an easy registration system? Need a simple multi-factor implementation tool? Applications that can only talk to one directory, but you have two (or three or ..)? Solve that problem first. Show success. Folks will notice. Once you have those smaller battles won, you’ll be given more leeway to try it on other systems until you find that your queue for new applications is full and you need to start hiring!

“That makes sense, but identity management isn’t exactly new. Why hasn’t everyone else done this?” – That’s a great point. The trick when starting with a tactical problem and scaling to a strategic solution is having something that you can:

  1. Deploy quickly and at a low cost
  2. Deploy with skills your team already has
  3. Quickly customize to your look and feel
  4. Change easily to adapt to new requirements
  5. Scale as new customers are brought on board

Most identity management products that are effective tactically solve very specific solutions, such as Single Sign On or LDAP virtual directory. On the other end of things, most strategic identity management systems take months (sometimes years) to deploy, are nearly impossible to change and upgrades can be feel like a game of Russian Roulette.

Enter Tremolo Security’s Unison and OpenUnison. We’re helping our customers in this situation right now. We can start of small and low cost (we’re open source, so if you really don’t have budget you can’t beat free) and scale for new situations. Need proof? Checkout our Videos section for ideas or our other blog posts. Whether you are trying to setup an identity management portal for your OpenShift deployment, need a password reset portal or have to tie together authentication and authorization from multiple sources Tremolo Security’s products and projects can help you succeed! Want to find out more? Click on Contact Us or reach out to us on twitter or github!

Comments