If you don’t know where you are going, no road will take you there

Apologies to Lewis Carol and the Cheshire Cat.

Mark MacAuley makes me laugh. He is a funny guy, but that’s not why he makes me laugh. He makes me laugh when he finds situations like this one:

I spoke to a non-US Government Agency yesterday about their Identity Management initiative. Turns out they are hung up on an architecture. Why? Because there is no identifiable (or identified) business process for them to build for. The business users are saying – Just buy a tool and it’ll take care of it that’s what their workflows are for’. Those of us who do this for a living are probably smirking or laughing out loud at the comment. Typical, but one of the leading causes of unsuccessful projects.

Why is this funny? Because I already know this project is doomed to fail and all you can do is shrug your shoulders and laugh.

Having “the business” abdicate its role as the driver of any project like this is criminally irresponsible. (For you hardcore cynics, I don’t care that this is a government example; that’s not an excuse.) Identity Management is waking up from its speed and feeds adolescence. More importantly, the market is starting to snap out of its IT-induced hypnosis, and it is business that will benefit. The business cannot simply punt on an opportunity like this.

I literally just got out of Courion’s user conference, Converge. I would say that about half of the presentations from customers, analysts, and Courion staff alike related to the business drivers and the business view of identity management projects.

Simple example – from a business perspective, identity management often gets attestation wrong. Unless you have the absolutley most friendly Active Directory group names in the world, presenting a list of groups to a manager and asking, “Are these the groups that Ian should have?” is essentially useless. Now presenting a list of business functions as the content of an attestation event – that makes sense. Instead of sending AD group SHRPT1_ENG and CITRIX_PRESSRV_02_SAP863 to my manager, send “Access to the Engineering Sharepoint server” and “Access to SAP Instance 863 via Citrix Presentation Server.” It is simple things like this that turn IdM projects into true business enablers.

I’ll be back soon with some other thoughts from Converge and an interesting conversation Phil Becker and I seem to always be in the midst of.