Identity & Access Management is an expensive investment in IT. Here are some tips to reduce Total Cost of Ownership:

  • Follow the rule of economy of scale - If more people use the same solution, the unit cost of the solution will decrease. Therefore, you should always search and use the most popular out of shelf IAM solution in the market place first.  Your own custom built solution should be the last resource only when no other commercial solutions are available or they can not meet your needs.
  • Automate repeating manual tasks - Labor time is always expensive than machine time. You should identify the repeating manual IAM tasks and automate them as much as possible. Most of those tasks can be done by scripting. Technet Script Center is a good resource for Microsoft solutions such as Active Directory: http://www.microsoft.com/technet/scriptcenter/default.mspx. I'll provide more IAM script in Sample Code category in the future.
  • Outsource your IAM operations - If your company's IT team is based in North America or Europe, you should definitely consider outsourcing IAM Tier 1 or Tier 2 support to offshore, such as India or China. The cost could be reduced to 1/8th for US companies. It will also help to outsource IAM Tier 3 and Architecture/Integration work to larger IT service companies such as Microsoft*, IBM and HP.

In TCO, hardware is the smallest portion, support is the largest portion, and software is in the middle. Currently, Microsoft MIIS is the lowest cost solution for identity lifecycle management service and Microsoft CA is the lowest cost solution for certificate service.

*Note: Microsoft has a new IT service offering called Microsoft Managed Solutions. This is different from Microsoft Consulting Service.