Digital identities require frequent updates to reflect business changes:

Complexity creates delay and reliability problems:

  • Who? (Types of users):
    Employees, contractors, vendors, partners, customers.
  • Why? (Business events):
    Hire, move, change job function, terminate.
  • What? (Change types:)
    Create/move/disable/delete user, update identity data and entitlements, reset passwords.
  • Where? (Applications:)
    AD, Exchange, Notes, ERP, Linux/Unix, database, mainframe, physical assets.

  • Productivity:
    Slow onboarding, change fulfillment.
  • Cost:
    Many FTEs needed to implement security changes.
  • Security:
    Unreliable access termination, inappropriate user entitlements. Enforce SoD policies.
  • Accountability:
    Who has access to what? How/when did they get it?