Today's complex, heterogeneous enterprises contain multifaceted and diverse information systems. The proliferation of the personal computer and the networking of those computers have caused the number and types of systems that are accessed, as well as the number of employees who must be granted access, to grow exponentially.
An enterprise may use any combination of Windows, Unix, Linux, Macintosh or legacy systems-each running a variety of applications and creating significant inefficiency because users must remember different passwords and take the time to access each one separately.
System security demands that authentication, authorization and administration be controlled for every identity of every user in the enterprise. This creates the majority of identity and access management challenges. In a complex, heterogeneous enterprise, the IT staff spends countless hours provisioning, de-provisioning and dealing with password management and other issues for each of these user identities.
These same factors impact the organization's ability to maintain information security as required by government regulations, industry initiatives and established best practices frameworks. In fact, inconsistent password policies throughout the enterprise, non-secure authentication practices and delays in user de-provisioning-due to a mix of systems and IT teams with the authority to deactivate a user account-are the most common causes of compliance deficiencies.