Seven deadly ID Management sins

Speak of the devil - no sooner had I completed the previous post when I came accross this article highlighting that the frailties of ID management come down to....you guessed it - people! All the more reason that telling your users to write down their average 12 "strong passwords" on pieces of paper does not solve your problems - especially if 75% of them will give up these passwords for a bar of chocolate!

The author opens up the article with "after three decades of observation, I have concluded that most IDM failures aren’t due to technology glitches. In fact, most of the leading IDM technologies serve their purpose well. Instead, the most common problems seem to result from how people interface with these systems. I call the causes of these fiascos the “seven deadly sins of identity management.” "

1. Too much rigor reduces employee productivity.
2. Tighter security measures can lead to back-end shortcuts.
3. Too much convenience decreases end-user confidence
4. Too much collection of personal information creates privacy risks
5. Poor manual controls open the door to social-engineering risks
6. Too much autonomy creates opportunity for malicious insiders
7. Ignorance causes low-tech risks

Follow the hyperlink in the subject topic for an interesting and useful short read of 2 pages