This is the beginning (hopefully =) of some posts of a different route.
What you’ve been reading on here, for the most part, have been tech specifics about different pieces of Identity Management software, consultant business, and some other technical bits.
Today, I’d like to begin to share with you something that I haven’t read on any other Identity Management blog, that’s worth is immeasurable in this industry.
Architecture.
This is a hard topic to write about because building out an Identity Management architecture for a company is an extremely difficult task. There aren’t any classes, or training seminars that you can attend to learn this type of material, and in most cases, this is the most valuable.
If you want to weigh your consultant / employee’s worth in the Identity Management space, see how well they can architect an environment for you. How is this skill learned? How are the best in the business so good at what they do? Unfortunately for those just starting out, the answer is experience. It’s something that is learned from doing.
This all stemmed from one reader that told me they wanted to become an architect in their field. They asked me how I do it, and if I could show them how.
So, what are the fundamentals of a good Identity Management architect? Off the top of my head, here is a brief list that are important to me:
– They must know the Identity Management software that you are working with. All of it. Inside and out.
– They must have working administrator knowledge of all the major enterprise software suites and applications that are being used in big business.
– They must have intricate knowledge of networking fundamentals.
– They must have a firm grasp of the predominant language of the client.
– They must have excellent documentation skills that are technical in nature but almost have the feel of a legal document.
– They must have a political corporate mindset and understand the mindset of big business needs.
– They must have abstract reasoning skills with immediate visual conception abilities.
– They must have convincing presentation skills with a strong conviction of what is right, but the understanding of when to concede and on what.
– They must be able to multitask multiple multitasking items.
That’s just what comes to mind right now. I’m sure there are more, but these are the most common and highly important items that I can think of. This also give me a good outline to break down into more, finer point details.
Before I begin on the details though, I would like to point out the “why” in all of this.
Why should an IdM Architect master all of these skills?
This is a pain-point that I deal with daily. I receive head-hunters calls and emails all day long looking for an Oracle Identity Manager Senior level architect for a rate of $50/hr all inclusive. My response is always something along the lines of, “LOL! You’re kidding right?” Someone actually thinks they’ll get a competent architect for that price? Impossible. They’ll bill someone that has no clue what they’re doing, and disaster will strike for that uneducated client. Six months later, tops, someone like myself will be called in to “fix” what has been done, and hopefully still pull the project in on time (if they’re lucky).
Identity Management projects are very long, very expensive, involve many different departments, and have Corporate sponsorship throughout. It is very common to have a CXO closely involved during the entire duration of the project and could even possibly have their career on the lines of it being implemented properly. Monetarily, I’ve been involved with projects as low as a $100k fixed bid, to $2+ million time and materials projects that are part of larger hundred million dollar encompassing projects. The point here is that if the project fails, or takes twice as long, it is a big deal. This is why it’s so important to have it done right the first time, and as efficiently as possible.
People to be afraid of:
Any consultant company that sells you on how awesome they are but refuse to bring their consultant (that will be on your project…important!!) to be tech’d out, or that have a history less that 3 years in the industry. Why? Because they’re just “yes-ing” you to close the sale but have no clue what they’re really getting involved with. Also, they don’t have any credible staff on hand. What they’re going to do is give you a generic resume (that they probably pulled off Monster.com), and will worry about actually filling the position (lowest bidder of course) after the sale is closed. Is your project worth that gamble? I hope not. You should ask they’re architect to come to you, white-board out their ideas to you, and get verify their background. I hope this doesn’t come as a shock to companies, but a TON of supposed Identity Management consulting companies lie out their asses about what they have done in the past, or who is on their staff. Check them out! It will save you a ton of headache later.
Example: One higher education institution higher education institution gave an IdM project to a company that has never done IdM before in the past. They were a PeopleSoft installing / upgrading company. But the sales guys, “oh, yeah. We’ve done that, and we’re awesome at it!” Then when their architect showed up (me) on the first day, someone there said, “Hey! Aren’t you the guy that runs that IdM blog?” Yep… that’s me. And I make it very clear that I am employed by no one on here. Guess that companies credibility just went out the window. I left that project a week into it and moved onto a different higher-ed client that needed my services the following week (where I’m at now). I don’t work with clients that straight-up lie to their clients or myself. You need to make sure this isn’t happening to you. It’s more frequent than you may think!
Next person to be afraid of, the one that’s been writing and reviewing all of the IdM software and best practices in the market. Here’s where research analysis companies come into play. These guys kill me. I love how someone who spends all their time reading the docs, and listening to the sales pitches of the software owners make reports that determine the “best practices” for companies in this field. I hate to break it to you, but if you’re not actively in the field doing this kind of work, you have no clue what you’re talking about. Quite often, I’ll hear from my clients, “Well, so-and-so at BurtForestNer say that this is the best product for this and we should implement it this way.” Oh boy. “I understand how you feel, but you need to know that what they suggest will not actually work in your environment. Due to undocumented bugs in the product, it prevents you from running it that way without severe downtime. We discovered this through a couple of our previous clients and wouldn’t want you to go through the same issues until the vendor admits the issue and releases a fix.” Blah, blah blah. Just because you’ve read the cook book doesn’t mean you know how to cook.
Vendor Consultant Companies: Generally they have very good resources, but due to their obvious lean towards the mothership, there are a lot of things that they cannot recommend, and will easily cost you more than twice that of an outside, vendor agnostic consultant that can work more towards what is best for you, the client, than towards a support contract or additional change-orders.
So they lesson today in what a top Identity Management Architect is, more of what they’re not i guess. Coming up, I will go into the details of what they are.
Don’t let your company join the ranks of all the others that are stingy in the beginning which winds up costing them much much more in the end. Pick the right resource the first time around!