Identity Manager allows us to have a programmatic and paradigm shift in the way that we handle identities within our organization. What we had in the past was sort of a homegrown-built system to manage identities. That is individuals coming onto our systems and out of our systems. With the Identity Manager product, we're able to automate that in a way that we couldn't in the past. The single largest improvement has really been the ability to take what was a paper sort of process, e-mail sort of process, manager phone call process, down to an automated process which allowed us to go from one week to provision someone to ask the appropriate access down to about two hours.
Room for Improvement
We've met with the product development folks, and as far as improvements, we're really looking at them from a user experience. While all the key components are there to make the product work very well, what we're looking at is enhancing the product to have much more of a more modern approach and look and feel.
The actual application is very well designed and architected, and is very stable. We're very happy with the solution so far. The product is easily scalable and horizontally in that manner, so what that allows us to do is as we onboard more and more applications as endpoints for the Identity Manager, we're able to scale appropriately. Horizontal scaling is the ability to basically say, "Hey, I have ten more endpoints. I need two more instances of the application to manage those endpoints." It's easy to just instantiate them, as opposed to us having to buy bigger and bigger boxes to manage with more memory, more compute, more storage to manage those entities.
Customer Service and Technical Support
Technical support from CA comes in two forms for us. The first one was regard to their sort of, what we call, staff augmentation model. Well, they helped us to understand the paradigm for a using Identity Manager, while at the same time helping us to understand how to use the actual product. The support that comes afterwards, which is also excellent, comes in the fact that they have forums for us to interact with. They also have sort of escalation procedures that we have a chance to work with, and so that supports us from both ends of the project. The introduction as well as the ongoing maintenance.
In the past, we did sort of a simple sort of management of identities through, what we called, the manager calls you up and says, "I'm identifying the following person." It was sort of ad hoc, so to speak. With the Identity Manager product, in conjunction with the identity governance product, we were able to define roles, enterprise type roles, and then use the identity minder product to push those role's accesses out into the application world.
I think the actual product itself is fairly simple and straightforward. The difficulty comes in trying to understand what is a paradigm for identity management in the context of this particular product.
Other Solutions Considered
Selecting a vendor is important to us. We need to make sure to pick the right vendor. Firstly, we look at are they one of the vendors we currently work with. Consistency in approach, consistency in the technology, consistency in the style, is all important for us. The product in and of itself is good, but what you need is a holistic approach from your organization, because identity management is not just simply a one area focus. It is an organizational issue. Make sure to include all the areas of the organization. We had a sort of homegrown applications that we wrote. Scripts and programs that were wrote to manage in the context of our current applications.
It is really important that we find out what the community thinks of these products. They have been through the war, so to speak, and their ability to learn and understand what the shortcomings were, what lessons learned happened for them in their particular context, is really important for us. Simply getting a White Paper is great. It's a starting point, but I like to augment that with blog reviews and understand what the rest of world thinks about our product, especially when it comes to critical products like something like an identity management system.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Jan 20 2016