Before You Implement OpenID, Answer These 7 Questions

Before You Implement OpenID, Answer These 7 Questions

Adopting OpenID is one way to improve your organization’s identity management issues. Yet, it isn’t right for everyone. For example, startups and small businesses probably don’t need this technology. At the other end of the spectrum, you probably have legacy identity management processes. Understanding your maturity is just one issue to consider.

Simplify the OpenID Decision

We get it; you hear about new technologies and frameworks all the time. Making smart, evidence-based decisions is critical to your success as a leader. To evaluate the technology for your organization, use some self-assessment questions.

Start by working through each question, thinking about each one. Some might require internet research, or you may want to call a colleague. If you don’t have the time to address these questions now, then you should refuse OpenID, as a rushed or failed implementation isn’t going to help anyone.

1. Do you know what OpenID is?

Until you can answer this question, you have no business going forward. According to Techopedia:

“OpenID is a unified user identification method released as an open standard that essentially acts as a single user identification system that can be used across multiple websites.”

What does that mean in business terms? It means that you should consider OpenID as a way to simplify your identity management practices. For additional background, we recommend visiting the OpenID website.

2. What expertise does your staff have about OpenID?

If your staff members lack OpenID understanding, you need to know. To answer this question, we recommend discussing the technology at your next team meeting. Simply tell your staff that you’re exploring the technology for the organization.

Tip: If you discover that nobody knows anything about OpenID, you may need to seek consulting support to adopt the technology. If you take this approach, remember to consider training needs so you can maintain the technology.

3. What identity management systems and applications do you have?

Here’s a recipe for chaos: implement OpenID without looking at the rest of your applications.

That isn’t a smart idea. Some identity management platforms are more flexible than others are. Take Identity Anywhere, for example. It has the capability to work with containers, so it’s a modern product, and it receives regular updates and improvements. Can you say the same about your legacy identity management tool built in 2004?

To answer this question fully, assign it to someone on your staff to investigate. Keep in mind that you might have multiple identity management solutions in place.

4. What are the pain points in your identity management and security process?

The first few questions established a baseline of knowledge about your current state. Now, it’s time for a different perspective. What are the problems you currently face in identity management? To jump-start your brainstorming process, here are some of the most common issues we see in the market.

  • Complaints about too many logins: Every new login that workers have to manage creates additional burdens.
  • Reporting and audit failures: Are your auditors pointing out failures in your identity management practices year after year?
  • Failure to cover SaaS and the cloud: If you’re using an older identity management solution, you may be missing cloud tools.

Take your time to think through these issues. If, after 30 minutes, you cannot identify any problems, you may have no need to look into OpenID.

5. Do you have the project capacity to implement OpenID?

Don’t be fooled: implementing OpenID requires project management support. Sure, your technical staff may tell you that it’ll be easy. However, you need to think beyond the bare technical details. For instance, do you have the capacity to offer change management support to employees? What about your other stakeholders, such as consultants and value-added resellers who use your product?

To answer this question, phone the head of your project management office for a discussion.

6. How will adopting OpenID affect your IT goals?

It’s easy to get carried away with innovative technologies. They promise to provide incredible benefits, such as preventing hacks. At the same time, you must balance that opportunity with your goals. Keep in mind that you probably don’t have an identity management goal. However, improving identity management may support your other goals.

For example, you may have an IT goal to reduce the workload on your IT service desk. In that case, you will need to look at the requests that go to your service desk. We’ve found that access changes and password changes are some of the most common. To cut down the volume of those requests, you’ll need to streamline identity management. OpenID can help make that happen.

7. How will this decision affect the employee experience?

The days of dumping new technology on employees and hoping for the best are over. That just isn’t going to cut it anymore. In late 2018, the unemployment rate in the United States was under 4%. Employers are scrambling to find talent. The challenge is even heavier when it comes to highly competitive fields such as technology.

You might be asking, what does this have to do with OpenID and identity management? Let’s make the connection clear. If you make identity management burdensome for employees, they’re going to be frustrated. In fact, cumbersome technology and processes might just be the factor that prompts an employee to accept a recruiter’s call.

Your Next Step to Improve Identity Management Effectiveness

OpenID is a helpful tool to use in improving identity management. However, it’s only part of the story. You also need to consider providing password management training to employees. There are also special stakeholders to consider, such as auditors and compliance. These stakeholders will be interested in reporting, audit logs, and other record-keeping functions. OpenID, on its own, won’t be able to address all of those issues.

Written by Nelson Cicchitto