Best Practice IAM Implementation

Identity and Access Management is a broad concept that can have an enormous impact on business. By providing complete user identity life cycle management using automation as a backbone, IAM tools not only take a huge burden away from IT, but also enhance the business’s ability to control users and ensure compliance. With a proper attribute and role based IAM solution, users can be given the exact access they need without all the manual setup and auditing. By handling things electronically, IAM tools remove a lot of paperwork and are able to provide up-to-date reports as long as they log all actions and changes properly.Identity and access management solutions provide information and control while saving money for the business.With all these features, IAM tools quickly become an integral part any IT, CIO or CISO’s toolbox. A proper IAM tool can seamlessly interact with all IT systems in your environment and ensure fast roll-out and decommissioning of any such system. But the trick to implementing an IAM solution, as I see it, is to prioritise in stages the benefits you want to achieve in the short and the long term. Here is my advice when rolling out an IAM tool:

  • Understand your business needs: Establish how far you need to implement the IAM solution; one size does not fit all here. Ensure that the various phases of your IAM project are tied to quantifiable business results.
  • Review your policies (risk, management and workflows): Check that internal policies and department responsibilities are up-to-date and defined properly.
  • Don’t rush in: Successful IAM implementations can take up to three years – don’t try and cut corners, as clearing up the mess may be difficult and potentially wreck your bottom line.
  • Scale it: Don’t do too much at once. Get an easy win first, rather than tackling a major task from the beginning. An early win is essential to ensure buy-in stays strong.
  • Collaborate: Cooperation is the key to a successful deployment. Make sure you get the right people on board across the business: involve system administrators, managers and executives, as well as end users. Do not use a siloed approach.
  • Training, education, practice: Provide focused instruction to both users and IT staff, and ensure that regular refreshers are scheduled.
  • Future-proof your plans: Don’t fall into the trap of vendor lock-in. Instead, look for the most flexible solutions. The best way should allow future integration without too much pain.


Depending on your reasons for implementing an IAM solution, you need to look for short-term benefits and long-term ROI. Let the benefits stack up rather than trying to grasp them all at once. Trying to force a fast full-scale implementation can increase the risk of failing and a lack of buy-in. By taking things one step at a time, IAM can still be implemented faster than you think as each step prepares you, and everone involved, for the next one. First year benefits could include AD cleanup, a user identity overview, license alignment of certain systems, self-service password reset options, automated provisioning and HR reporting.

By connecting one system at a time without rushing access and policy setups, onboarding, offbording, identity control and management can slowly be transitioned from IT to business users in a safe and stable manner.

More information on IDM365 and MIM can be found here.