human resources & it: a marriage made in heaven?
DESCRIPTION
Managing employee relations is increasingly demanding with ongoing changes to policy and the volatile marketplace. Human Resource directors are pulled in so many different directions and are still expected to get new employees up-and-running quickly. And in the case of termination, directors must ensure the company’s assets are safe and secure. Whether you’ve thought about it or not, technology can solve many HR challenges. View the slide deck, presented at November's Southeast Michigan SHRM chapter meeting, and find out more about identity management solutions and why we think HR & IT is a marriage made in heaven. For more information on this or other topics, visit www.cdh.com.TRANSCRIPT
Human Resources & Info Tech: A Marriage Made in Heaven?
November 2010
C/D/H Quick Facts
About Us• 20th Year• Grand Rapids &
Royal Oak• 25 Full Time Staff,
40 Total Staff
Approach• Vendor Neutral• Non-reseller• Professional
Services Only
Partnerships• Microsoft Gold• VMware Enterprise• Cisco Premier• Citrix Partner• Novell Platinum
Infrastructure
Access & Identity Management
Expertise
Project Management
Collaboration
PICA
Agenda
• Why identity management?• What is identity management?• Overview of identity
management system/solutions• Typical implementation approach• Case Studies• Q & A session
Why Identity Management?
• Faster startup and shortened time to productivity for new personnel
• Reduced man-hours required for personnel updates
• Passwords synchronized across all connected systems
• Get IT out of the business of managing users, roles, and permissions. Delegated to business-line managers
Why Identity Management?
• Offboarding completed quickly, confidentially, and completely
• Quickly disable/delete access across all systems
• Changes to employee accounts are tracked, auditable, and reportable
• IT finally getting my information correct everywhere (name change, role change, location change)
• HR system becomes accepted “Authoritative Source” across the enterprise
What is an IDM System?
A system – processes, rules, applications, and services - that coordinates identity information held in disparate and scattered data sources.
Which Means……
• IDM is primarily software implemented by IT that connects your HR software to all the other applications that hold user identifications.
• Identity systems synchronize information between the dozens of systems in your company that know nothing about each other.
• Identity systems use a central “hub” or vault to store and synchronize identities.
Systems Where Identity is Stored and Where Identity Systems Connect
JD Edwards Active
Directory NT Domains Outlook Exchange GroupWise Notes LDAP Text JDBC DB2 Websphere
MQ
PeopleSoft Lawson ZENworks Secure Login Chronos iPlanet Secureway Critical Path DirX Oracle Sybase MySQL Excel
SAP Informix Dynamics AIX Red Hat SuSE Solaris Debian x.500 Banner Oracle HR Cisco VoIP RSA ACE
ADP Payroll Oracle
Financials Netegrity RACF ACF/2 HP UX Tibco WebLogic JD Edwards In-Join Policy Director RADIUS
Authoritative Sources
• HR system may be authoritative for the users themselves, but not for all parts of a user
• Email systems are authoritative for email address, feedback into HR and other systems
• Phone system authoritative for phone extensions
• Peoplesoft system may be authoritative for cost centers.
The identity vault is the hub of information
Identity System
Identity System
Identity Vault
Logon NameE-mail aliasCost Center
ManagerEmployee #
What is an Identity Vault?
Identity Vault
Providing Consistent Identity Information
Dan Clay
Dan Clay
Common Name
NOSDirectory
Employee Onboarding
Metadirectory
Title = Director
Title = DirectorTitle = Director
Title = Director
Managing Changes to Identity Information
NOSDirectory
Employee Offboarding
IDM Project Success Criteria
• Secure executive-level sponsor & a strong project manager
• Identify benefits, risks, scope, technical requirements, talent needed, etc.
• Define business rules (authoritative sources, precedence, other)
• Plan for data clean up and/or bulk load strategies
• Configure, test, pilot, and deploy identity system
Common Project Mistakes
• IT goes around HR and doesn’t start with the authoritative source
• Attempting to do a bottom-up implementation (IT driven, not executive sponsored)
• Hiring and firing process not well documented prior to starting
• Not having IDM experienced & professional project management
• Trying to synchronize too many applications in the first phase
• Not synchronizing enough – not driven by good sound business drivers
Identity Management Vendors
• Computer Associates • IBM• Microsoft • Novell • Oracle/Sun
Vendor Comparison
Regional Hospital
• 2,500 Employees
• Identity Vault Concept
• Synchronized Passwords
• Supports future application integration
National HealthCare Provider
• 36,000 Identities
• Active Directory Consolidation
• NetWare Only As the Vault
• Over 42 Applications Integrated into Vault
Global Insurance Co.
• 2,000 Identities
• Vault to Vault Connectors
• Complete Test Environment
• Drivers to Support over 18 applications
Local Regional University
• 4,000 Faculty, 16,000 Students, 67,000 alumni
• Foundation for connecting all new systems
• Support of Student and Faculty Portals (alumni under development)
• Password self-services implemented
Royal Oak306 S. Washington Ave.Suite 212Royal Oak, MI 48067p: (248) 546-1800
Thank You
Grand Rapids15 Ionia SWSuite 270Grand Rapids, MI 49503p: (616) 776-1600
(c) C/D/H 2007. All rights reservedwww.cdh.com