Managing a Centralized Identity Infrastructure Equates to Saving Unheard of Time and Money

How many languages do you speak? If you were raised in the United States, the answer is probably no more than one. This isn’t exactly the forum for learning a new language, however, it could certainly be a place where you learn about a new word! After-all; long before a technology word becomes a “buzz-word” it simply starts out as a mere word! This new word deals with startling facts about issues that really need to be resolved. Back in 2007 Microsoft funded a study that was recently referenced in PC Magazine. That study determined that Web Users have an average of 6 passwords, shared across at least 4 different websites.  In addition, each user has about 25 accounts that require passwords, and routinely enter approximately 8 passwords per day!  And think how much has changed since 2007.

Citing more recent global research, a Professor of Psychology at Trinity College in Dublin, Ireland, details the growing alphanumeric clutter to include;  5 passwords, 5 PIN numbers, two license plate numbers, 3 security ID numbers, and 3 bank account numbers just for getting through everyday life!

Now, force all of this into an enterprise-level security standard and the crazy unsettling world of resetting all of those accounts strikes fear into the hearts of users and overworked helpdesks across the country! To all of this I say GOTBABWA (pronounced got bahb wae)!

I developed the word GOTBABWA several years ago, and it is a highly effective tool when you are entering a new environment as a expectant, or titled leader of an already defined organization. The problems we have listed above continue to plague administrative teams and stressed out application users everywhere. That problem is not new, but the way you arrive at the solution may be. GOTBABWA also works on well established teams, but if leadership has been in place for a long time it can be less effective depending on what the team dynamic is for open and honest feedback.

Shortly after taking over a large internal IT organization I called together all of my sharpest engineers and administrators to an hour long GOTBABWA (got bahb wae) meeting. This stands for “Got To Be A Better Way”! It specifically deals with infrastructure processes that aren’t necessarily broke, but are extremely complex, or frustrating, or long, or error prone, or far from being automated and are soaking up their man-hours keeping them from doing more exciting and engaging technology projects that help move the business forward! It basically breaks down to “Is there a better way to do XYZ”? The point of the meeting is NOT to come up with the solutions (initially). The point is to put together a list of 3 to 5 things that need to get addressed internally. Those results, determine how you move forward.

I believe every CIO should sponsor either directly or indirectly a GOTBABWA project. It allows your brightest people the ability to research, create, and even document what is fundamentally wrong (due to what they perceive as overly complex) that they want to correct. I also believe that what gets documented out of this meeting can become strong corporate drivers for simplifying daily operations while at the same time enhancing risk mitigation and compliance adherence. These identified issues at the core of your business processes should be known at the CIO level. The solutions may end up being the purpose for a project, or an additional requirement that another project will be required to resolve. But the right people need to be aware of the need and the purpose. In some cases the IT staff will get permission to “research” solutions, which includes testing, proof of concepts, time estimates and cost, which may lead to a full blown corporate initiated project.

I recently completed a consulting project where a newly formed Central Administration Team was assembled to address their multiple ID’s, passwords, and security database silos of administration issues because one of the newer team leads had a meeting (ok, they didn’t call it GOTBABWA, but the purpose was similar). The difference was, this team had been put together to take over several disparate IT Operations throughout the company, so it had a very large microscope and associated corporate sponsorship. Fortunately, one of the key engineers had addressed similar issues before with a previous company. As a result, those engineers were empowered and delivered a solution that allowed all the end users to access corporate systems with a unique ID, eliminating all the alphanumeric clutter that so many companies are suffering from today. With a streamlined ID for a user’s profile, the alphanumeric clutter of multiple profiles is no longer an issue.

One of the quotes from the Senior Lead on that project, was that at the most basic level, “On-boarding users used to be a three week process without privilege management. Now, with or without privilege, we can do this in minutes!”

So, IT Managers, Directors of Operation, Technology Architects, VPs of Technology, CTOs, and CIOs everywhere: The results that Microsoft has been reporting on since 2007, a Professor of Psychology has broken down for us, and things I have seen for the past 7 years in the field – can all be fixed!  Whether it is intentional or not, keeping multiple profiles and silos of administration in your environment enhances risk. Unfortunately, a lot of this risk is not identified until after an in-depth internal audit. Up until that point, your engineers and administrators have jumped through unbelievable hoops of unnecessarily complex administration, extended hours of repetitive manual processes, and hours of late night work just to keep everything afloat! Having them provide input at a GOTBABWA type meeting will provide you with a snapshot assessment from the experts who deal with the processes that are in place every single day. If something can be done better, they might not know the answer initially, but they’ll easily identify it as something that needs to be improved.

It is easy to understand that none of the Board members are talking about user logins as a corporate issue. Not when everyone is talking about more high visibility technology “buzz-words” like “Software as a Service,” “Off-Premise Access for multiple end point devices,” and “Cloud Access.” But if your technology architects and engineers have their first GOTBABWA meeting, you might learn that getting everyone back to a Unified Identity may be the actual step you need to diversify the infrastructure to enable the more modern architecture.

Did you know that in most companies that believe they have a well-defined on-boarding process that user password administration averages 30 minutes to resolution per user! In a company with 3,000 users, can you imagine that all you did for an entire day was resolve 16 password issues? Show me an administrator that does that day in and day out and I will show you a person that is not engaged.

“Got to be a Better Way!”