Skip to main content

Avoid User in Training

October 06, 2017

Often when I’m onsite with clients, gathering requirements for an identity and access management (IAM) solution implementation, I’m asked, “What are some key things that we should do to help this implementation be successful?” 

Clients are rarely prepared for the answer because it has nothing to do with the implementation. Implementations are becoming highly standardized in the approach of development, testing, go-live and post-production phases. With adequate support of project management, infrastructure, system admins, and the like, migration to production goes smoothly, the new IAM solution starts working, and everyone high-fives!  

While that is great and we can all appreciate the hours of work and stress that go into reaching that moment, there’s another moment that usually takes even more preparation and can delay the first from happening if it isn’t considered soon enough: If the solution starts working, will any of your end users know how to use it? Because that moment – solution is working and the end user is using it – is the one truly worth celebrating.

IAM Training

If training and change management are started too late, it can delay your ability to go live with your new solution. End users are too often not thought about until the testing phase. When that happens, user acceptance testing (UAT) becomes what I like to call “user in training” (UIT). I compare it to passing a car with that “Driver in Training” sticker on it – I immediately want to be in another lane or section of the road far, far away!  Similarly, it’s best to avoid user training during the testing phase for two reasons. 

  • This means the people that are testing the solution don’t know how it’s intended to work, so your ‘defects’ list grows as users make assumptions about functionality. At this point, you can spend tens to hundreds of hours chasing defects that are not “real.” 
  • You’re allowing people to train themselves in an environment that hasn’t been proven to work accurately so they may think something is an intended behavior and not recognize that a defect does exist. 

All of this results in a defect log that resembles a whack-a-mole game, at which point your engineers beg for solution-trained testers.  

When should you start your training and change management communication and strategy? ASAP!  

  • Invest in administrators that have experience with the tool, or send them to training to gain the knowledge they need before development begins. 
  • Allow lead time to build communication campaigns, training guides, sessions or webinars. If you have 300 managers in your organization, offer more than a few sessions of training. 
  • Partner with your vendor to offer onsite, in-depth training sessions to build better understanding and early adopters. This is more effective than simply emailing a quick user guide throughout your organization. 

Investing in your end users’ experience builds your brand. End users will believe in the steps you are taking in innovation, security and efficiency, which breeds champions of change and makes your next implementation a welcomed event.

    Dusty Anderson

By: Dusty Anderson

Client Solutions Advisor

See More

Related Blogs

September 16, 2014

Phishing with Smitty: A Unique Tool for Solicitation Attacks

This post will introduce you to the Smitty SMTP utility, which is a fully featured email client. We use this tool as a means to effectively deliver em...

See Details

September 18, 2014

Cybersecurity Awareness & End User Training

You’ve probably seen the news about companies around the world being hacked. These are companies that have millions of dollars invested in technology ...

See Details

June 27, 2017

A Day in the Life of Optiv Cyber Security Superheroes: Ben Walcker

Upon graduating from college with a double major in education and history, Ben Walcker never imagined one day he would lead a team of sales profession...

See Details

How Can We Help?

Let us know what you need, and we will have an Optiv professional contact you shortly.

Privacy Policy

Related Insights

June 09, 2017

Identity and Access Management: Why Identity Matters

Learn why identity matters to your organization and how it can have a positive impact on your security program.

See Details

February 22, 2016

Testing and Validating Network Infrastructure and Security

Identifying vulnerabilities and creating a plan.

See Details

Stay in the Know

For all the latest cybersecurity and Optiv news, subscribe to our blog and connect with us on Social.


Join our Email List

We take your privacy seriously and promise never to share your email with anyone.

Stay Connected

Find cyber security Events in your area.