ABSTRACT
Today’s large organization’s information technology (IT) infrastructure is a mix of complex incompatible
operating systems, applications, and databases spread over a large geographical area. The organization
itself has a dynamic population of employees, contractors, business partners, and customers, all of whom
require access to various parts of the infrastructure. Most companies rely on manual or semiautomated
administration of users and their access to and privileges for various systems. Often different systems will
have their own sets of access requirements with different sets of administrators who will have different but
often overlapping skill sets, leading to poor use of resources. This increasing number of disparate systems
creates an enormous administrative overhead, with each group of administrators often implementing
their own policies and procedure with the result that access control data is inconsistent, fragmented
across systems, and impossible to analyze.