With right IAM solutions, your business can increase employee’s productivity (or avoid the loss) significantly. Before you look into IAM solutions, you should identify major factors impacting employee’s productivity in your business. Some common factors are:
- New employee setup time – the waste time to get a new network/system account and proper permissions to access resources. An employee could loss up to two day’s productivity.
- Existing employee transition time – the waste time to get proper permissions to access new resources. An employee could loss up to one day’s productivity.
- Employee password (or PIN) reset time – the waste time to get a new password or PIN after it’s forgotten. An employee could loss up to half day’s productivity.
- Business merger/acquisition transition time – the waste time to consolidate identity and access for two or more organizations. This is also referred as business agility problem.
- IAM service/support overhead – the waste time to get a new IAM related service or support.
The productivity loss can be calculated by average lost hours multiplied by average wage. In the case of the password reset, industry data shows the productivity loss is from near $100 to over $200 per employee per year.
After you analyze business productivity loss, you can look for effective IAM solutions (which of course should cost less than the lost dollars). In this area, the IAM solutions are:
· Automated real-time provisioning management – the system will create/update accounts and groups instantly in Directory after data in authoritative HR system is updated. For example, you run SAP as HR system and MIIS as Meta Directory/Lifecycle Manager, your will need MIIS SAP connector (such as Microsoft MIIS SAP MA Beta or M-Tech ID-Sync MIIS SAP MA).
· Self Services – the intranet web applications (some with a workflow engine at back) enabling employees to help themselves. For example, a Q/A based Password Reset web app will allow employees to reset password instantly (such as Microsoft MIIS 2003 SP2 or M-Tech P-Sync).
· Automated group/entitlement management – similar to automated provisioning, the system will take care employee’s group membership and entitlement automatically without manual intervention. Currently, this type of IAM solution is new and not mature in the market (such as Quest ActivRoles Server, upcoming Microsoft MIIS code name Gemini, and Microsoft Mission Ridge).
You don’t have to spend extra dollars for a dedicated IAM product to resolve the agility problem. This solution should be just a bulk provisioning feature in a good provisioning management product.