• Site Map
• Contact Us

• Home
• Our Company
• News &  Events
• Products
• Services
• Resource Center
• Community

Technology Deployment

Identity Management Deployment

Following are the typical steps to install ID-Synch:

• Password management (synchronization, reset, user enrollment):
  • Install P-Synch software.
  • Configure target systems.
  • Set up security policies (password rules, authentication process, etc.)
  • Validate help desk password reset.
  • Validate web-based password synchronization.
  • Set up self-service registration.
  • Validate self-service password reset.
  • Set up secure kiosk account.
  • Validate self-service password reset from login prompt.
  • Install and configure transparent synchronization libraries.
  • Validate and stress test transparent synchronization.
  • Set up and validate token integration, management.
  • Set up and validate e-mail integration.
  • Set up and validate call tracking integration.
  • Set up multiple servers.
  • Test data replication, load balancing, fail-out, failure recovery.

• Roll out:
  • Train administrators, help desk staff.
  • Pilot test.
  • Roll out to larger user community.

• Consolidated user provisioning (create, delete, enable, disable, modify)
  • Design phase: identify template accounts, roles and authorizers.
  • Install ID-Synch software.
  • Create template accounts on managed systems.
  • Identify template IDs on the ID-Synch administration GUI.
  • Validate creation of new accounts using templates.
  • Create roles on the ID-Synch server.
  • Validate creation of new accounts using roles.

• Roll out:
  • Train security administrators.
  • Pilot test user administration with ID-Synch web GUI.
  • Roll out web administration and phase out use of native tools for routine administration.

• Self-service user administration workflow:
  • Design phase: identify authorizers.
  • Design phase: develop rules to assign new login IDs.
  • Design phase: develop rules to validate, rewrite requests.
  • Design phase: develop rules to add and remove authorizers, based on organizational data and rules, to/from requests.
  • Identify authorizers in ID-Synch.
  • Implement plug-in programs for the other site-specific business logic.
  • Validate functionality.

• Roll out:
  • Train a small pilot group to use the workflow system.
  • Pilot test workflow for request automation.
  • Develop brief promotional material and educational text.
  • Roll out the workflow system as a part of the corporate Intranet.

• Automated propagation of changes from authoritative to managed systems:
  • Design phase: identify systems of record and what relevant data they contain.
  • Design phase: develop SQL code, LDAP queries, etc. to extract relevant data from systems of record.
  • Design phase: identify actions that the system should take when the system of record changes (e.g., termination, creating basic network accounts)
  • Implement a batch file or small program to read data from the system of record, apply the business rules and invoke the ID-Synch batch loader to implement the administrative transactions.

• Roll out:
  • Test the automation using sample data and a NULL agent (no real administration actions).
  • Implement in production, with real data but a NULL agent. Validate that business rules are being correctly implemented.
  • Change the production implementation to use real agents.

Actual steps vary depend on products and features activated and organizational priorities.

© Hitachi ID Systems, Inc. 2008. All rights reserved.