How Do I Know When To Upgrade My IAM Environment?

Pathmaker Group Executive Team

Deciding if you should upgrade your identity and access management environment can be a daunting task. Although there are many variables and decision-making points involved, the “if” decision usually falls into one of two camps:

  1. The software is nearing its’ support end-of-life.
  2. There is a need to utilize new services available in the latest release.

Let’s take a look at the first camp. The end-of-life of a particular software product is tied directly to its vendor’s support. This is a very important consideration due to the potential worst case scenario. Imagine software currently running in production where its support has been deprecated by the vendor. Then when a major issue occurs, technical staff reaches out to the vendor with an explanation of the problem, only to hear “sorry, we can’t help you”.  Unless in-house staff can diagnose and find a solution to the problem, there could be a very real long-lasting disruption of service. The old adage “if it ain’t broke, don’t fix it” is not always the best mantra to follow with your identity and access management software. Although it is not critical to constantly upgrade to the latest and greatest release, it is recommended to be several steps ahead of a product’s end-of-life. This is due to not only the potential issue above, but also because vendors include critical items, such as security fixes and performance enhancements, as part of their newest releases.

How about the second camp? Let’s take a company that is utilizing a single sign-on software product or version that is a few years old. Granted, the solution is working well, however, there is now a need to integrate mobile and social technologies for their customer base. Seeing as their current software version does not support this, but the newest version does, the obvious choice would be to upgrade. Or, as a second illustration, a company may have created a custom connector, but that connector now ships out-of-the-box with the newest version. By upgrading, they would no longer have the overhead of updating and maintaining their code.

Get Information on the PathMaker Group IAM Maturity Advisory here. 

Tivoli Directory Integrator – Before Initialize – Add Date to File Name

I wrote a different TDI blog discussing the Before Initialize Hook.  That blog discussed setting the filter in an Iterator.  Here is another use for the Before Initialize Hook, this time in a File System Connector.  As I mentioned in prior PathMaker Group blogs Tivoli Directory Integrator (TDI) is a pretty neat tool that comes packaged with IBM Tivoli Identity Manager (ITIM) with a bunch of Connectors. This blog will relate to the File System Connector.

Have you ever wanted to build create a File System Connector that creates a file that has a unique value so the process can run multiple times a day or week and you don’t have to worry about overlaying the file?  This can be accomplished with the Before Initialize.  In this case the process will only run once a day so only the date is added to the end of the file name. Read more