- Full Life Cycle management of IT system accounts
Five years across different companies.
Yes - Some application connectors (namely Lotus Notes) - have some fundamental flaws. But the major issue was cleaning up, what we expected to be, authoritative data - specifically HR data, and users not in HR (eg. contractors, etc) and ensuring global consistency and adherence to standards.
Not of the core product, but some issues with some of the connectors (especially Lotus Notes, and ServiceNow). This has led to some issues with daily batch jobs which either time out, hang, or are terminated and this has in turn, we suspect, created some internal DB link corruptions.
Not yet. Though current nightly batch jobs range from completing within 8 hours to 48 hours, with no obvious reasons as to why
Very good.Technical Support:
Yes we did. We switched because the solution no longer offered support as it was sold to Sailpoint.
It was complex. Identity and account management is very heavily dependent on the accuracy, authority, and timing of the source data. As the implementation progressed, we became aware more and more that some of the missing detail (especially around the exceptions of when a central unique Employee number is actually "central" or consistent, or the complexity of some of the attributes - e.g. whether their validity is date dependent, allowing for multiple values, etc) will cause issues in the proposed processes and the timing of providing access when required.
We used a vendor whose level of expertise was excellent.
No ROI as of yet.
It was two years give or take.
Yes - NetIQ, Oracle, and SAP.
Spend double the time/money up front in fully understanding your business requirements, opportunities for process changes. Also ensure you get a detailed understanding of identity and access business processes and understand your HR (and other authoritative) data source.