Showing posts from April, 2005

Why do you not need a provisioning solution?

In this world of compliance driven provisioning implementation sometimes it may be worthwhile to really think about whether you need a provisioning solution in place. If the requirement is completly driven by the compliance, then how can provisioning solve the issue. Provisioning, most of the time, gives the idea that after implementation, company is going to create user accounts based on the Company's security standards and practices. But it does not provide by its very nature any way to stop rogue administrators from creating accounts, perform operations using that account and then deleting those accounts before the next reconciliation cycle. So it seems that from that point of view only feature that is of any benefit to the compliance driven implementation is provisioning product's ability to reconcile reosurce accounts (either real time or as scheduled task) in conjuction with a policy driven compliance enforcer (that most of the provisioning products are coming out with) w