However, what of the middle of the user life cycle? User profiles and access need to be maintained as they change titles, departments and locations. It is also important to record this information for compliance/audit reasons.
IdM provisioning tools are probably the best tools for managing these changes in access for enterprise systems. While tools such as SAP's GRC are excellent for work in SAP systems, they are useless outside of them. Same goes for Active Directory / LDAP specific tools, PeopleSoft specific tools, etc. IdM systems have the ability to connect to all of these (and more) systems.
Leave the provisioning, role assignment and management to the IdM system and rely on specialty tools for specialty needs.
2 comments:
I agree. We need to get IT managers informed.
It's not only about the IT managers, but also the ERP, LDAP, etc... managers.
Maintenance of users is at least as important as creating them and I don't know that the IdM universe is really thinking about this.
Post a Comment