Ashraf Motiwala offers up these nuggets of identity wisdom:
- Good technology can’t compensate for bad processes (although it might make it less painful)
- Fixing your data without fixing your processes is like painting your house on a rainy day
- Throwing more software at an identity problem usually exacerbates it
- A dollar in an identity project doesn’t take you as far as you’d expect (even though its well worth it)
- What business users think is happening is quite often vastly different than what is happening under the hood
Ashraf also asks for more one liners. Here are my favorites:
- The dirty little secret about provisioning is that it’s really all about deprovisioning.
- You shouldn’t start out trying to do account management by adding another account to manage.
The former was drilled into me at Access360 when I repeatedly saw customers that were really ok with it taking an employee weeks to get access to all the required resources, but wanted them turned off the moment the decision had been made to end the employment relationship. The later is a reference to the large number of identity products that still can’t leverage an existing identity store for users, and instead synchronize an internal proprietary user repository.