We have all experienced it in one way or another. Either as an applications owner who has seen the scale of the issue grow over time, the line of business owners who have to rely upon what IT is able to deliver, the employees who work with the complex infrastructure and no clear path to the future, or worse, the customers who are potentially impacted by it all. What are we talking about here? Identity Fragmentation.
So years ago you stand up an HR system with it's own database repository and it's own user account system. You go to a secondary vendor to help streamline the provisioning and approval workflow for on-boarding and certifications. You leverage another vendor to assist with auditing of privileges and entitlements. All of this in support of the one application, and each additional layer you add creates it's own silo of identity information.
Now you want to stand up a payroll application. It too requires it's own repository for events, for user identities, workflow engines, and all the needs around auditing of privileges of entitlements. More and more layers must be built and very little of this can be re-purposed and re-used.
The challenged organizations get into is the repetitive efforts they are undertaking in setting up the duplicate components, having to re-create user accounts and the patchwork integration approach between applications which are not designed to share this credential information from the start. This leads to high costs to support, audit risks to the organization, and a challenge to respond to new requests for new applications and services such as Mobile and Cloud.
One of the biggest detractors in businesses moving to the cloud is the inability for customer's legacy applications being "cloud ready" in that they are not able to externalize user identities to the new cloud applications which can be detrimental to the success of the cloud migration.
Oracle has recently written a eBook (Establishing a Mobile Security Architecture) which has an entire chapter dedicated to the issues of Identity Fragmentation in today's enterprises as they related to mobility. Download this free eBook and take a look at Chapter 5, to learn more about Identity Fragmentation in the enterprise today, and to learn best practices for reducing your exposure and developing a more flexible architecture that scales for future on-prem, cloud or mobile applications.
For more information on Oracle's approach to Identity Unification with Oracle's Identity Management 11gR2, visit our website for more details.