Mastering Identity Management: Challenges in Selecting an IAM Solution

March 30, 2016

Identity Management solutions have evolved dramatically over the last 10 years, with numerous new entrants into the marketplace. The good news is that cost conscious and proprietary-wary companies have several mature and emerging choices available both via the Cloud and Open Source solutions. With these newer options, the question becomes a bit larger than just picking a platform; it also is a decision about operations, support, control, and security. The bad news is, when organizations invest to change and/or standardize IAM platforms, the size and cost of the effort will impose some level of lock in for the next 3-5 years.

These decisions should not be made lightly.

As competition increases in the Identity Management space there are, perhaps, too many vendors. Established IAM platforms such as Oracle, CA, and NetIQ find themselves surrounded by maturing solutions and a bevy of niche products. The question is, are the established players just dinosaurs watching the first mammals scurrying around, unaware that these niche entrants will unseat them as new IT realities unfold and organizations move to the Cloud?  At this point, it’s too soon to know with any certainty. The exploding number of entrants in this market has been creating confusion among architects and buyers alike. In such a muddled market, executives are hard-pressed to sort out reality from vendor hype, and resort to product bake-offs: comparing products against long lists of features, requirements, and specifications.

As a result, IAM offerings are difficult to evaluate, expand in scope rapidly and, increasingly, fail to deliver business value on reasonable time lines and within budget. IT leaders must change their evaluation criteria to focus on well-defined use cases, producing measurable business value or significantly improving provisioning processes, otherwise IAM projects will fail to meet business objectives. An additional challenge is that there is a growing tendency to cobble together a patchwork of technologies that don’t work well together; leaving IT administrators with a set of automated reports to reconcile the differences between products. Needless to say, this is less than ideal.

Challenges to Selecting an Identity & Access Management Vendor

1. Magnitude of financial investment and the cost of making a wrong selection

2. Discomfort with vendors

3. Lack of consistency & consensus within the organization

  • Internal business challenges/ Lack of consensus between business and IT
  • Buy-in from organizational stakeholders (HR, CISO, CIO, Operations)
  • Which requirements are top priority/most impactful?

4. State of commercial technology vs. emerging architectural trends (Cloud and Open Source)

5. Changing needs

  • Security
  • Scalability
  • Regulatory/Compliance requirements
  • Move to Cloud
  • Growing scope of identities that need to be managed


So how can you do a better job picking the right IAM solution for your organization? Stay tuned for our next blog: A Better Process for IAM Vendor Evaluation.

Signup to receive our biweekly Identity Management & Cybersecurity newsletter.


Photo credit: IBM Research

More News