Laws are like cobwebs, which may catch small flies, but let wasps and hornets break through.
—Jonathan Swift, explaining the term “too big to fail”
I said it earlier, and I’ll say it again: There are things you do because you want to, and things you do because the auditors tell you to. Sometimes they overlap, which is convenient. But increasingly they should overlap, because there are plenty of compliance mandates that probably should have been put in place years ago, and these are forcing organizations to make security decisions that are long overdue.
If you are trolling for budget from management to put IAM in place, one of the best weapons you have is compliance. It’s not just your internal security needs any more; ...