Fischer International Identity
BUILT FOR BUSINESS…YOURS™

WHITE PAPER

Fischer Identity Suite™
Best Practices for Rapid End-User Adoption

Executive Summary

Identity Management is nothing new. Yet after all this time on the market, organizations new to Identity Management are still achieving only mixed results for end-user adoption, and many organizations that rolled out Identity Management years ago still haven’t achieved their goals: end users must actually use the automated system and stop calling the help desk for processes available through self service.

While most organizations have diligently assessed vendor offerings, fewer have adequately planned how to achieve utilization objectives. Many organizations assume that end users will automatically start using the Identity Management solution without any planning or incentives, but that’s proven to be false. With user acceptance rates ranging from under 25% after one year to nearly 100% within a few months, it’s clear that successful Identity Management rollouts rarely just happen; they involve executive sponsorship, planning, education, setting measurable objectives, metrics, and a variety of “incentives” for achieving the goals.

Fortunately, these activities will improve user adoption when launching, or even when “re-launching” Identity Management. This paper discusses some of the options available to organizations wishing to maximize the value of their investments without disrupting operations. These techniques can be utilized whether the organization is new to Identity Management or has been using it for many years.

Getting Started

Planning and executive sponsorship are vital for user adoption: organizations must plan the changes and ongoing activities required by focusing on the organization’s unique cultures and resources, and by creating measurable objectives.
Like all projects that involve significant changes, executive sponsorship and active executive participation in the progress of the rollout plan are critical to success. Fortunately, Identity Management provides true win-win scenarios for the company and for users, and organizations should capitalize on natural enthusiasm for the project while working to overcome resistance to change. Since user awareness and understanding are important, executives must communicate the importance of the project and its expected outcomes.

An organization’s objectives for rapidly rolling out Identity Management must be balanced with the possible negative effects of choosing inappropriate methods. While few organizations publicly admit their mistakes, anecdotal evidence clearly shows some approaches are better than others. For instance, laissez-faire approaches to deploying Identity Management rarely recoup investments since few people use the system. At the same time, excessively harsh or inflexible approaches have ultimately reduced employee morale, productivity and financial benefits. A combination of education with both positive and negative incentives has proven to maximize both the end user experience and financial benefits.

The best practices for a particular organization depend on a variety of factors such as the size, culture and geographic distribution of the organization, the types of end users (technical, administrative, mobile, highly-compensated, etc.), the organization’s previous experiences rolling out applications, as well as objectives for using the system. Proper planning, as well as budgeting a sizable percentage of the projected first-year savings for incentives, can significantly improve the financial benefits for the entire project.

Planning is required for multiple phases: education, registration and ongoing use.
Since the registration process can be a significant hurdle, when possible, choose a product that can automate the pre-registration process. For example, the product should automatically register users and correlate users with their existing accounts. If password management is part of the solution, it should extract personal information from HR and other sources to answer initial challenge-response questions for password resets and it should also require users to create / answer additional questions during their first use of the product. If the product does not support these activities, choose another product or simplify the registration process as much as possible and increase your use of incentives.

Training

Training and awareness are crucial to the success of Identity Management. Training requirements are typically minimal and can be delivered using a variety of methods, but should always answer the user's question “What’s in it for me?” The first challenge is to convince busy people to invest a few minutes up front to save much more time later.

Successful organizations have generated awareness (and even excitement) through pre-launch campaigns that highlight the advantages to end users:

- Use one password for all accounts
- Reset forgotten passwords faster
- End embarrassing password reset calls to the help desk
- Simple process for requesting access to resources – no more guessing who to contact
- Easily update profile information such as mobile phone number
- Able to view the status of requests
- Always available – no waiting on the phone or waiting for help desk to reopen

The most successful training is performed immediately prior to rollout, and can be performed using a variety of techniques:

- Live or automated demonstrations
- Training documents with screen shots of each activity
- Posters with simple illustrations of the password reset and resource request processes
- Articles in the organization’s newsletter
- Etc.
It’s vital that end users can quickly locate password reset instructions when needed or they’ll become frustrated and revert to calling the help desk. Methods include a link from a web portal (if accessible without login), posters, paper memos, login screens, etc.

Metrics and Incentives

Metrics and incentives are pivotal for success and can provide ongoing leverage for continued attainment of objectives, but they are often underutilized. Metrics must be easily understood in order to provide an objective basis for positive and negative incentives that reward (or punish) users and their managers based on actual performance.

Incentives are important enough that organizations should budget a sizable percentage of projected first-year savings for positive and negative incentives, as each type of incentive requires resources. It’s also important that any incentives are designed for the unique culture and resources of the organization as inappropriate incentives can do more harm than good.

Many organizations resist using positive incentives because of the belief that “end users should simply do their jobs without added incentives.” However, significant financial and morale improvements can be achieved by including positive incentives since people typically do what they are rewarded to do. More commonly, organizations use only negative incentives to achieve their goals. While negative incentives are an important part of the equation, especially in maintaining high adoption rates for ongoing use, care must be exercised since excessive reliance on negative incentives can negatively impact productivity, morale and financial benefits.

Positive Incentives

Positive incentives have the most value during the startup phase, and are especially important if a manual registration process is required, usually in the form of answering personal questions to be used for password resets.
Organizations can successfully use a variety of positive incentives for the initial phase depending on their corporate culture and their end user types:

- Reward business units: provide rewards based on the percentage of all people in the business unit who perform the required initial tasks – the higher the percentage, the better the reward, e.g., time off work, group entertainment, group lunch, monetary, etc.
- Contests for business units: provide a more substantial reward to the business unit(s) with the highest attainment of their objectives. Organizations with a competitive culture will likely find this option most favorable.
- Reward individuals: provide a small reward (free lunch, cash, gift certificate, etc.) for all persons who perform the required initial tasks.
- Drawings for individuals: randomly draw for larger prizes from the list of people who have completed the required initial tasks. Highly-compensated persons such as doctors and sales people are often more inclined to participate for the chance at a substantial prize that provides “bragging rights.”
- Reward managers: provide rewards or contests for managers whose people have the highest attainment rates.

Negative Incentives

Depending on the culture of the organization, negative incentives or a combination of positive and negative incentives can be more effective than positive incentives alone. In addition to impacting the initial setup process, negative incentives address the ongoing use of Identity Management.

Initial Setup Process:

Organizations use a variety of approaches to accelerate the required initial tasks.

- Create peer pressure by publishing a list of who has not performed the required tasks. This is best combined with positive group incentives that depend on the percentage of people who perform initial tasks for Identity Management.
- Send email messages to end users reminding them to perform required tasks (including instructions) or asking end users to explain why they haven’t registered. Repeated messages could become less friendly, could openly copy the person’s manager, etc.
- Have an impartial liaison, such as your organization’s trainer, contact persons who have not performed the required initial tasks. This personal touch is especially effective for individuals who might need additional training. Alternately, ask managers to follow up with noncompliant team members.
- Have the help desk guide callers through a first-time use of the required process so the users can immediately reset their passwords or request resources. This option requires planning for adequate help desk staffing since it could require extra time per help desk call.
- Automatically revoke access to applications for end users who have not registered for Identity Management after some period of time. Organizations taking this approach should plan to revoke access for a manageable number of end users per day so that the help desk is not overwhelmed, and so that no single department, business function or location is significantly impacted by the access revocation.

Ongoing Use:

For an organization to continue meeting its objectives, it often must encourage users to not revert to calling the help desk by reminding users of the speed, ease of use and cost savings of the automated solution.

- Ask managers to contact persons in their workgroups who call the help desk for processes available through self service.
- Automatically send emails to end users and their managers when the users call the help desk for processes available through self service. The emails could note the cost per call to the help desk (typically $30 or more per call). Optionally, tie a department’s help-desk costs to performance measurements or to compensation for its users and/or managers.
- Make calling the help desk for processes available through self service increasingly onerous:
  - Publish separate numbers for processes available through self service and instruct help desk representatives to immediately transfer these calls to the appropriate phone number. Callers must listen to a recording that explains how to reset one’s own password or how to request resources before any help desk representative takes the call.
  - Publish a policy for the help desk to call back end users after a specified period of time rather than taking their calls immediately for processes available through self service. Gradually increase the waiting period for callbacks. Organizations should use caution with this method since it could create undue hardships for traveling end users.
- Temporarily revoke access to applications for end users who have not changed their passwords through the password management facility according to your policies (e.g., must change passwords every 90 days). Consider a phased approach so that a manageable number of end users per day would experience revocation, the help desk would not be overwhelmed, and no single department, business function or location would be significantly impacted by the access revocation.

The exception to the above would be when a manager needs to revoke all access for a person. The help desk should immediately revoke access but later follow up with the manager to confirm adequate understanding of the process.

Conclusion

Identity Management solutions and implementation methods vary widely. Choose a solution with the right functionality for your organization’s requirements. Whether your organization is new to Identity Management or installed a product years ago but is experiencing inadequate utilization, proper planning and execution of solution launch (or re-launch) activities can dramatically improve utilization rates.
Fischer Identity quickly extends Identity and Access Management to end users across locations and across enterprises, and is available as on-premise software or as a SaaS solution. Modules include Password Reset & Synchronization, Automated Role & Account Management, Access Termination, Privileged Account Access Management, Federation, Web Single Sign-On and Identity Compliance.

Fischer International Identity
5801 Pelican Bay Boulevard
Naples, Florida 34108
+1 239-643-1500
www.FischerInternational.com

Document: MCW-07-190B
May, 2012

Copyright © 2009-2012 Fischer International Identity, LLC. All rights reserved. Fischer International, Fischer International Identity, Managed Identity Services, Managed Identity Services Technology, Identity as a Service, IaaS, the Fischer International Logo, Global Identity Architecture, Built for Business…Yours, and all other Fischer product or service names are the trademarks and/or registered trademarks of Fischer International Identity.