Organizations across industry verticals shall adopt IAM as it has become the need of the hour.However IAM solution may not be able to address some of the requirements, due to limitations in the features it supports or lack of flexibility to customize.Here are the Top 5 things a CISO should evaluate to benchmark an IAM solution to meet the organization's immediate and future needs.
- Identity management products should ideally be feature rich –
- enable automation of user account management
- an easily customizable workflow engine
- allow centralized and delegated user administration
- have reconciliation and auto discovery capabilities
- provide password management capabilities
- include reporting engine that supports in-built reports as well as custom reports
- have an agentless architecture where possible
- have an intuitive, friendly and customizable user interface
Should support encrypted communication. Access to the systems should be encrypted or hashed. All user activities should be logged and audited so that end-users and administrators can be held accountable.
Assessing a vendor’s profile is important in order to determine if support for the product will be available in the near future. Ideally, bigger vendors are considered to be financially more stable.
IAM products have to be integrated with managed applications. The product should come with out-box connectors for most off the shelf applications. Building connectors requires additional effort and increases consulting costs.
Ease of deployment
Some IAM solutions can be relatively difficult to implement than others.