Identity at the Center Identity At The Center #42 - Ron's IAM Program Framework
May 4, 2020
Ron Keys, an experienced IAM consultant at Identropy from Australia, shares his insights on developing an IAM program framework. He distinguishes between contextual elements like governance and operational activities such as lifecycle management. The conversation dives into common entry points for IAM projects and the importance of aligning automation with organizational maturity. Ron also emphasizes the need for long-term sustainability in IAM implementations, discussing the challenges of cloud adaptation and the importance of proper IAM ownership to avoid conflicts.
AI Snips
Chapters
Transcript
Episode notes
Two Core Dimensions Of IAM
- IAM programs need two complementary dimensions: contextual (governance, policy, architecture) and operational (day-to-day lifecycle, support, reporting).
- Ron Keys frames these dimensions as the foundation for organizing any IAM effort across an enterprise.
Assess Strengths Before Prescribing
- Start IAM assessments by identifying strong and weak areas across context and operations instead of prescribing a full program immediately.
- Tailor recommendations to the organization's maturity and willingness to commit, Ron Keys advises.
Automation Hit By Missing Policy
- Ron recounts a client who wanted automated lifecycle management but had no approved termination policy to align automation with.
- The missing policy forced the team to pause technical work and address governance first.