RFP checklist | Single sign-on products

There are a number of issues to consider when drawing up a request for proposals for a single sign-on system.

The most often-cited advice is to give prospective vendors a list of applications that fully describe your situation. If some are mission-critical, must-have programs, be sure to include them on the list. But go a step further and specify how people access them ' via remote-control software, for example. Also include those that burden your help desk with the most password-reset calls. Don't fall for checklist-ware ' products that only claim to support most of your key applications. You won't know for sure until the vendor proves it with a real demo and tells you how they do it.

Run a couple of detailed workflow scenarios past respondents, and expect detailed answers. It's a great way to detect boilerplate offerings.

When choosing an appliance or central server, devote close scrutiny to availability features such as built-in failover, redundancy and clustering, which can minimize risk.

Ask for references from customers with similar installations, and talk to them. Don't be fooled by claims of units sold; demand to know how many people actually use the product daily.

Evaluate the tool's auditing and reporting features for adherence to your specific regulatory requirements.

Beware of products geared too much to a single platform, such as Windows, if your needs are more heterogeneous. Ample connectors to third-party platforms are a good indicator.

Look for rule-based, distributed administration, which can speed a tedious process without risking security by granting too much access from remote sites. It also sets up a chain of command that boosts accountability by establishing supervision at the top.

Be sure graphical interfaces are easy not only for users, but also for administrators who oversee policies and decide on user privileges.

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above