Maintaining data quality is the single most important principle of a functioning Identity Management solution. In fact, realizing the benefits of automated user provisioning and access management processes depends on it. Unfortunately, there is a huge performance penalty for getting the data wrong that users will not accept – putting your IAM program at risk of failure. Here are three steps you can take to mitigate data quality risks when building your IAM solution:
Step 1: Create and validate your Data Map from the System of Record (SoR) to your IAM solution.
The Data Map will:
- Determine the user attributes you need to synchronize between systems and which Source Attribute is stored in which Destination Attribute on the user record.
- Align stakeholders HR and IT on what data is needed to make IAM work.
- Establish the basis for integration (data flow) between the systems.
Step 2: Develop a data validation plan.
Key activities in the plan:
- Verify that data is in the proper format (e.g., text, numeric, date) so that it can be processed.
- Compare data extract from SoR with IAM to see what is changing and identify the user impact and any anomalies (e.g., 50% of users will have a new manager.)
- Verify that the data is accurate.
After developing a plan, we must acknowledge two things:
- The validation plan is unlikely to uncover every error in the data. Especially, if the data set is large and complex; we can assume some undiscovered errors will remain.
- However, the validation plan should uncover most errors in the data, if it has been designed well; this will mitigate the implementation risk.
Step 3: Synchronize data in phases.
- Divide the population into logical groups. This can be done based on user type (e.g., employee, contractor, customer, vendor), or based on data confidence (e.g., completely validated, partially validated, not validated).
- Populate IAM with the data from the SoR through your integration (e.g., process iDocs or other data files) for a small set of users.
- Evaluate data changes and assess impact. If minimal, proceed with larger batches of users.
Data quality problems can be mitigated with the right effort. Is your organization willing to invest the time and resources necessary to get the data right up front? How has data quality affected your Identity Management solution?
If you enjoyed this post, read more about how good data quality drives better identity management. Follow us on Twitter @Idenhaus or signup for our bi-weekly newsletter.
Photo Credit: Stanley Zimny