Sunday, March 23, 2014

Measuring Identity Management

When I first started in the IT/Services field, I worked on a help desk providing technical support for a software company. Everything on the job was about Metrics: How many calls did you take, how long you were on the call.  Later, I managed the support group and the metrics got more interesting: Who called the most? What did people call about the most? This information needed to be shared amongst my fellow team leaders, my immediate management, sales management, product management, and even the executive management of the company. As a primary interface between the company and its clients, I had a lot of information.

I see Identity Management as holding a lot of that same type of information that would be of interest to various parts of the organization. Understanding who is provisioned to what endpoint, how identities change in the organization over time, users with given access rights. How many people are set up with the new password management scheme? Have processed their attestations? The list is ever changing and of course would vary by organization, per Pollicove's Law.

Sure, we can generate reports that show this information, but I think there could be a use for a dashboard views showing real/near real-time views of essential data.  Reports are all well and good, particularly when trying to analyze data over a period of time.

What metrics do you think would be of the most value in an Identity Management Solution?

No comments: