Layer7 Identity Management

The Quick—and Lasting—Value of Out-of-the-Box IdM Customizations

By wilda05 posted 03-22-2017 06:59 PM

  

As organizations enter emerging markets by acquiring companies that are successful in those markets, the burden falls to IT departments to introduce new services, maintain security and reduce costs by integrating and streamlining operations, all while onboarding acquired employees. Often, that requires customization of your IDM solution, such as interfacing with legacy systems that need to be kept, at least for the time being.

 

Currently, 70% of IDM implementations I work on have some customization, but it’s tending down. I would estimate that in the past, 70% of IDM implementations had a lot of customization. In discussing whether or not to customize, I remind the customer that once CA leaves the premises, the client is responsible for governance of those customizations, so they need to retain the technical skills to keep it going.

 

But often, there’s a better solution. CA Services offers several rapid IDM deployment scenarios that reap value in three short months.

 

Deployment Xpress simplifies the process of deploying common IDM use cases, such as password reset, forgotten password reset, and birthright provisioning to common endpoints such as Active Directory, without custom coding. Clients select the use cases they need, and Deployment Xpress automatically creates the basic code and policies. A virtual appliance makes installation/configuration quick and easy.

 

Our best advice to customers is to stay on the field of play with out-of-the-box capabilities, but sometimes they need endpoints for which we don’t normally provide provisioning connectors. In those cases, we use Connect Xpress, an out-of-the-box tool, to create a new connector quickly.

 

Another option is IDM Policy Xpress, where we can do a lot of logic in policies out of the box, so that clients don’t have to code their own Java or C++ code. This is a huge advantage, for two reasons. First, governance is much less of an issue once CA Services leaves the premises. Second, when the client later decides to do a migration or upgrade (or any other work), there is no need for the client to have the right skill set to manage custom components.

 

When it comes time to migrate to a new release or environment, Config Xpress eases and facilitates a simplified graphical migration of IDM environments. This out-of-the-box tool supports the migration of and delineation of all IDM objects and their dependencies in the environment, including roles, policies, tasks and workflows, among others. It also provides a graphical comparison that establishes the differences between two configurations, without losing yourself in thousands of lines of XML code.

 

So before you decide that a customized solution is the only way to go, consider the semi-custom route with CA’s Xpress products.

1 comment
3 views

Comments

03-22-2017 07:15 PM

Thank you for sharing this with the community Daniel!

The Quick—and Lasting—Value of Out-of-the-Box IdM Customizations