|
|
|
|
|
|
by xyzzy123
1567 days ago
|
|
|
Ignoring the "actual security" angle for a minute. When you have thousands of accounts and dozens to hundreds of services, manual management just stops being practical. Most large orgs are subject to one form of compliance or another, and it's inevitable that at some point you have to prove to an auditor that you have onboarding / offboarding processes for everything as that's in their checklist. This is difficult to prove "at scale" and removing tons of per-service UAR processes is the main value. Each service is an opportunity to screw up - forget to document the process, forget to execute the process, (my favourite) forget to record that you executed the process, or execute the process wrong. The alternative to automation in a big company is that accounts get left dormant for years. |
|
|