How to Unify Identities to Reduce Identity and Access Management Challenges

Organizations struggle with complex, heterogeneous environments that require users to have multiple identities for accessing the applications they need. As these identities grow, they require an increased level of control and visibility, presenting IT with identity and access management challenges in efficiency, security and compliance. Knowledge Center contributor Jackson Shaw explains how a "get to one" strategy that automates identity administration, consolidates directories, and utilizes the organization's existing infrastructure and directory can minimize these identity and access management challenges.


Today's complex, heterogeneous enterprises contain multifaceted and diverse information systems. The proliferation of the personal computer and the networking of those computers have caused the number and types of systems that are accessed, as well as the number of employees who must be granted access, to grow exponentially.

An enterprise may use any combination of Windows, Unix, Linux, Macintosh or legacy systems-each running a variety of applications and creating significant inefficiency because users must remember different passwords and take the time to access each one separately.

System security demands that authentication, authorization and administration be controlled for every identity of every user in the enterprise. This creates the majority of identity and access management challenges. In a complex, heterogeneous enterprise, the IT staff spends countless hours provisioning, de-provisioning and dealing with password management and other issues for each of these user identities.

These same factors impact the organization's ability to maintain information security as required by government regulations, industry initiatives and established best practices frameworks. In fact, inconsistent password policies throughout the enterprise, non-secure authentication practices and delays in user de-provisioning-due to a mix of systems and IT teams with the authority to deactivate a user account-are the most common causes of compliance deficiencies.