This solution exposes things that are going on.
Here's an analogy: the first time you look at drop of water in a microscope, you don’t know what things are floating around. You see things that you want to investigate, but you don’t know whether they're good or bad.
With this solution, a compliance manager is able to see things he wouldn't otherwise be able to see. He sees both the good and the bad, makes a determination of whether they're indeed good or bad, and then takes the necessary steps or actions to take the good and get rid of the bad. In this way, it allows him to do better things with regard to security control, certificates, role management, and other role-based access.
Improvements to My Organization
Unfortunately, right now it's just eye candy and, despite the ability for a compliance manager to see things he wouldn't otherwise see, it still hasn't provided the benefits we had hoped.
Room for Improvement
I can't run it across all systems because some of our systems don't have all the required configurations. I'd like to be able to run it even on those systems that aren't optimal for it.
It's a little challenging as there are things that it should be, but isn't, doing.
It's been buggy, so I don't know yet whether it can scale. And of course, we haven't been able to implement it on systems that don't have full configurations, so it's hard to say whether or not it can scale.
Customer Service and Technical Support
We have working sessions with technical support a couple days a week. They’re attentive, but are challenged by the complexity.
I ran the project, and it was a very complex initial setup.
Peel the onion slowly and make sure you can deal with the data that’s going to be revealed.