One point that he does make is:
“The 4 PM blew their hair back to the point that I stayed over another night to meet with an even broader audience to pitch the notion of control to. Funny thing is, they were far more interested in audit capabilities since that was the immediate need”
I couldn’t agree more! Recently, nearly all of the customers that I go to see about Identity Management talk about auditability being one of their major pain points. In alot of cases, this is due to compliance issues (SOX, 7799 etc). However, even for companies who don’t have direct accountability to one of the many standards, there is still a necessity for traceability and audit.
Like Mark also says:
“What I learned was that in a project of this size, magnitude, and importance (people will die if it doesn’t go well) is that knowing what is happening in real time on the network by who is on the network and what they are accessing (whether they are supposed to or not) will drive the best possible policy development, and ultimately policy enforcement which is the end goal (I think) of implementing an identity management solution.”
Not only will it drive policy development as Mark has stated, but by analysing real time access, this information can also be used to drive role definition and role management, something that Nishant Kaushik has been discussing in his posts on role management (part1, part2 and part3).