Most organisations approach IAM in the wrong way, says Gartner

Most organisations are approaching identity and access management (IAM) in the wrong way, by planning deployments around technologies, says Gartner.

Most organisations are approaching identity and access management (IAM) in the wrong way, by planning deployments around technologies, says Gartner.

IAM process requirements should always precede organisational and technology decisions, according to Earl Perkins, research vice-president at Gartner.

"Most IAM planning is still done around clusters of technologies, rather than by addressing specific IT or business processes," he told the Gartner IAM Summit 2011 in London.

According to Perkins, IAM should be based on policies, processes and people, and products should be a relatively small focus of the decision process in an IAM project.

Gartner recommends that business view IAM as a process, because that removes the product-centric pattern imposed by the market.

"Viewing IAM as a process attempts to identify where people and IAM technology can be most effectively used to fulfil the practices and policies of the organisation, and helps an organisation articulate its requirements and target them at the areas where there is the most need," said Perkins.

Many IT departments within businesses make the mistake of assuming that business will adopt whatever IAM systems they build, he said, but projects that do not meet real business need or bring benefit to the business are bound to fail.

"IT should quit answering questions no-one is asking and instead work with the business to find out what the real needs are and where IAM can add value."

One way of building bridge between IT and the business, says Perkins, is to move beyond core IAM functions of being able to control, observe and inform about access.

By linking up the wealth of data stored in IAM systems with business data, he says, IT can help create real business benefit and justify investment in IAM.

Read more on IT jobs and recruitment

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

  • How do I size a UPS unit?

    Your data center UPS sizing needs are dependent on a variety of factors. Develop configurations and determine the estimated UPS ...

  • How to enhance FTP server security

    If you still use FTP servers in your organization, use IP address whitelists, login restrictions and data encryption -- and just ...

  • 3 ways to approach cloud bursting

    With different cloud bursting techniques and tools from Amazon, Zerto, VMware and Oracle, admins can bolster cloud connections ...

SearchDataManagement

Close