- Best in Class companies have a factor of 1.9X fewer total directories (16) than the Industry Average (31)
- Best in Class companies are 2.4X more likely to have consolidated to a single directory (19%) than the Industry Average (8%)
- Best in Class companies are 1.9X more likely than the Industry Average to synchronize directories completely … or through consolidation, not at
Here's the statistic that I like the most:
- Best in Class companies reported an average of 16 separate directories, compared to 31 for the Industry Average
That's a 50% reduction in the number of directories between the average and best in class companies. Can you imagine how much easier the identity management problem is at the company with 50% less directories to manage?
For those companies who choose to consolidate around a single directory, consolidation around Active Directory (AD) is consistent with the dominance of Windows in server operating systems. In the 2007 Aberdeen Report (May 2007), approximately 90% of all companies reported that Microsoft was the leading server operating system. At the same time, Linux and leading flavors of Unix from IBM, HP and Sun also have a significant footprint. Even in an AD-centric environment, the material presence of Unix and Linux in companies of all sizes requires companies to develop explicit strategies for integration of non-Windows systems as well.
Their conclusion - which I, of course, agree with...
Companies that effectively address these issues and streamline management of their identity directories position themselves to reap the operational and security benefits of more effective user provisioning and de-provisioning.
Interesting sidenote - This paper was authored by Derek Brink. I knew Derek when he was at RSA and we were both involved in the PKI Forum. It's great to see him over at Aberdeen. He's a wealth of knowledge.
identity management, Active Directory, Microsoft