August 12, 2008

Why do companies end up paying huge amounts for Identity Projects?

The sure answer would be indiscipline. Any doubt?
When one starts up a company, least preference is given for IT discipline. No directory implementation, no domains etc which result in a process chaos after few years. Then managements start thinking about bringing things in order and end up not only paying huge amounts to get it straight moreover end up in improper implemenations. I have seen many companies which never had any system according to conventional methods when it comes to user management.
The question that bugs me every moment is why companies do not leverage the open source tools avialable? Directories are avialable in the open, operating systems are available in open, why cant one avail these?
These are my view points:
1. The day the company is christened a directory structure should be in place
2. Every employee record should be present in it.
3. All the available systems in the office should authenticate the user against this directory
4. Employee should be given an option to change his passwords and few other details online
5. Form filling should be avoided on the induction day, instead a webpage should be used and the data should be recorded into a HR database and then should be fed to the directory
6. A small PLSQL trigger on the database can create the email address without conflicts
7. Free Identity tools like SUN Identity Manager should be implemented within one year
8. Every application or tool that the organization needs should be under the perview of Identity Manager
Am I missing something???
I feel these are the basics that one should do for the company's IT wellness in the long run.