Because Identity Manager is not in the transaction path between general users and the systems and applications that they already have access to, Identity Manager downtime is not the nightmare that you might imagine. If Identity Manager is unavailable, end users are still able to access resources through their provisioned accounts.
The main cost of Identity Manager downtime is lost productivity. If Identity Manager is down, end users cannot use Identity Manager to gain access to systems that they are either locked out of or not provisioned to.
To calculate the cost of downtime, the first number that is needed is the average cost of lost productivity due to end users being unable to access computing resources within the enterprise. In our assessment, this number is called productivity per person hour.
The other major number that needs to be determined is the percentage of end users within the user population who need to use Identity Manager at any given time. This population usually includes new hires who need to be provisioned, and end users who have forgotten their password if password management is a part of the deployment.
Consider the following hypothetical situation:
Total number of employees |
20,000 | |
Number of password resets in a day |
130 | |
Number of new hires in a day |
30 | |
Number of hours in a work day |
8 |
For this particular situation you can calculate the following:
The number of employees needing Identity Manager at any given hour = (130 + 30) / 8 = 20
The percentage of employees needing Identity Manager at any given hour = 20 / 20,000 = .1% or 1 in 1000
Using these numbers you can then estimate the cost of an Identity Manager outage:
Productivity per person hour |
$100 | ||
Loss in productivity |
.5 |
(50% decrease in productivity due to inability to access system) |
|
Number of people affected |
20 | ||
Subtotal |
$1,000 | ||
Duration of outage |
2 hours | ||
Total immediate loss |
$2,000 |
This example shows that even though the number of users being managed by Identity Manager is high, the number of users needing Identity Manager to gain access to systems at any given time is usually low.
Another point to consider is that the time it takes to bring a system like Identity Manager back online is usually less than the time it takes to execute the manual provisioning processes that Identity Manager is automating. So while Identity Manager downtime exacts a cost, it is usually less than the cost of using manual processes to give users access to resources.