Challenges

Identity and access management has become more complex as digital identities take on an increasingly important role in specifying how users interact with computer networks. Organizations need to manage users efficiently and accurately while granting them access to network resources. However, organizations rarely store and use identity information in only one place. Multiple departments, countries and regions, business divisions, and software choices along with mergers and acquisitions result in the proliferation of directory services and application-specific identity stores — increasing costs and causing complicated security issues.

Developing a consistent and effective identity and access management strategy requires a sound understanding of the approaches and technologies you can use to address multiple digital identities. Organizations and IT departments need to implement both short term and strategic approaches to controlling identity.

Providing customers, partners, and employees with access to Web applications and online services is an increasingly important business driver in many organizations. IT departments need to provide a seamless, secure sign on experience for such applications and services while keeping directory provisioning and maintenance costs low.

Benefits

A common intranet access management infrastructure that integrates applications and platforms can produce significant benefits for organizations trying to improve the use and management of digital identities. For example, the use of a standard set of security protocols and the elimination of redundant identity stores can simplify infrastructure, reduce management efforts, enable single sign on (SSO), and make security auditing easier.
These benefits are primarily financial, including lower administration expenses, licensing fees, and application development costs. Additional benefits include greater security (because the attack surface is reduced), Identities data integrity, improves customer satisfaction and better options for protecting access to sensitive organizational data.
Improving intranet access management through tight integration with common directory and security services is often very challenging in its technical aspects. A large portion of the challenge stems from the fact there is currently little straightforward guidance on how to configure platforms and applications for interoperability.