Matt Kelly at Compliance Week threw out a line recently:
Compliance Week is researching a story about compliance with identity management and user access policies. We’d like to hear about what policies you have in place for those needs, and what problems you’ve encountered (and solved) along the way. Send us your thoughts, and expect an article on the topic in upcoming weeks.
Needless to say, I am very curious what people will share on this subject. I’m always fascinated to hear how people apply user provisioning tools.
Back in the day there were two major selling points for user provisioning: compliance and reduced help desk call volume. Customers were quick(er) to recognize the reduced help desk call volume but the compliance aspect lagged, mostly dueto the fact that no one knew what compliance meant. (These were the pre-SOX days mind you.)
Times have certainly changed as has the messaging. Recently provisioning for compliance has morphed into compliant provisioning. User provisioning systems have matured to a point that organizations can use them as service platforms. Organizations are realizing that their provisioning infrastructures are great vehicles for other services: password management, role lifecycle management, and so on. Compliant provisioning is one of the best examples of this.
If our recent webinar with KPMG and IBM was any indication, then the market is desperate for compliant provisioning solutions. We had hundreds of attendees asking some very tough questions about implementation, architecture, and resources needed. I can’t wait to see if Matt’s research reaffirms what we are seeing in the ever maturing provisioning market.