* Have a clear, strategic plan — including goals and expectations for deployment — developed with broad participation from multiple constituencies.
* Develop a clear set of corporate policies — monitoring, privacy, response, archiving, and so on — to guide your deployment.
* Have an enterprisewide process in place, not just the technology, to handle identity and credential management.
* Clearly define the process for how the IT security and physical security teams will work together on incident response.
* Make conscious trade-offs between user convenience and authentication strength, matching the level of security with the level of risk. Use multifactor authentication where possible.
* Use your chosen authentication methods, such as smart cards, across as many applications as possible to get the maximum cost leverage.
* Centralize credential management and identity provisioning. Link the identity management system to your HR systems.
* Make sure all new physical security infrastructure complies with standards and IP protocols.
* Build a long-term business case for deployment, and structure long-term vendor contracts, including maintenance and upgrades.