If you can build your Identity and Access Management program around ensuring proper and efficient end user access, keeping privileged access in check, and treating IAM as the organization’s perimeter defense, then you will get all the other details right along the way.
By finding and disabling inactive, orphaned user accounts, potential security vulnerabilities into the network are sealed. Orphaned accounts may be exploited to gain unauthorized access to sensitive company resources.
My take is that the Federal Government’s potential entry into the arena of Internet identity management is a disaster in the making with little to no chance of any benefits for its citizens. The assertion that citizen identity verification would provide any protection against the likes of the Zeus attacks or Wikileaks is a red herring if there ever was one.
The important thing to know is that Identity and Access Management (IAM) systems generally don’t provide either PIM or PUM capabilities since privileged identities are associated with hardware and software assets, and not with the individual user identities controlled by IAM.