Access management

Part 2 in the Converged Identity and Access Management Series

One of the most important reasons for converging identities is that logical and physical identities multiply when they are disconnected; managing them is time-consuming, expensive and inefficient. This applies across the organization's domain: IT, physical security, business units and risk managers.

Another equally pressing issue is that security can be more easily compromised when physical and logical identities are separated. A physical identity may appear legitimate to a standalone physical access control system (PACS) even though it is no longer trusted by the enterprise network. That's what happens when an employee is terminated in the logical systems and that information isn't immediately relayed to a PACS. If the enterprise has more than one PACS, and they are not integrated with each other, it may take several more steps to ensure every PACS blocks the ex-employee's credentials.
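The gap described above can be audited by reconciling each PACS badge export against the authoritative identity store. The following is an added example, not part of the original article; the record layout, field names, PACS names and sample data are constructed assumptions, and real exports will differ.

```python
from datetime import datetime, timezone

# Constructed sample: authoritative identity records (e.g. an HR or directory export).
IDENTITIES = {
    "e1001": {"status": "active", "terminated_at": None},
    "e1002": {"status": "terminated", "terminated_at": "2024-03-01T17:00:00+00:00"},
    "e1003": {"status": "terminated", "terminated_at": "2024-03-04T09:30:00+00:00"},
}

# Constructed sample: badge exports from two PACS that are not integrated with each other.
PACS_EXPORTS = {
    "pacs-hq": [
        {"badge": "B-77", "employee_id": "e1001", "enabled": True},
        {"badge": "B-78", "employee_id": "e1002", "enabled": False},  # revoked here...
    ],
    "pacs-warehouse": [
        {"badge": "W-12", "employee_id": "e1002", "enabled": True},   # ...but not here
        {"badge": "W-13", "employee_id": "e1003", "enabled": True},
        {"badge": "W-14", "employee_id": "e9999", "enabled": True},   # no identity record
    ],
}

AUDIT_TIME = datetime(2024, 3, 5, 9, 30, tzinfo=timezone.utc)  # constructed audit time


def find_stale_badges(identities, pacs_exports, now):
    """Return enabled badges whose holder is terminated or unknown to the identity store."""
    findings = []
    for pacs_name, badges in sorted(pacs_exports.items()):
        for badge in badges:
            if not badge["enabled"]:
                continue  # already blocked in this PACS
            ident = identities.get(badge["employee_id"])
            if ident is None:
                reason, hours = "unknown_identity", None
            elif ident["status"] == "terminated":
                terminated = datetime.fromisoformat(ident["terminated_at"])
                # How long the physical credential has outlived the logical identity.
                reason = "terminated"
                hours = round((now - terminated).total_seconds() / 3600, 1)
            else:
                continue  # active identity, badge is legitimate
            findings.append({"pacs": pacs_name, "badge": badge["badge"],
                             "reason": reason, "exposure_hours": hours})
    return findings


if __name__ == "__main__":
    for finding in find_stale_badges(IDENTITIES, PACS_EXPORTS, AUDIT_TIME):
        print(finding)
```

In the sample data, employee e1002 is blocked in one PACS but still enabled in the other, which is the multi-PACS case the paragraph describes.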

Physical or logical credentials that are kept alive even after an employee has left an enterprise can cause a compliance gap and, at worst, can leave the virtual or physical door open for fraudulent attacks.

The federal government has acknowledged the importance of converging technologies and has been a significant driver for the development of these technologies. For example, in 2004, Homeland Security Presidential Directive 12 (HSPD-12) was passed, requiring all federal government employees and agencies to use a converged physical and logical ID badge. Standards were created for how the badge is designed, what identity elements are present inside the card, and how the card is used for physical and logical access. This policy is intended to enhance security, increase efficiency, reduce identity fraud, and protect personal privacy.