...
Handling Multiple Person Objects for the Same Person
Some situations require multiple Person objects for the same human being or non-human identity. A typical case is where a Person has privileged access to IT systems. Privileged access is often granted by creating an additional personal privileged user account in the system for use by that person when performing admin activities. Using Active Directory as an example, this would mean that a Person would have two users in the same AD domain. If EmpowerID were to link these two Account objects to the same person, some undesired consequences would occur. 1) EmpowerID flows attributes between all accounts owned by the Person and the rules are per directory not per attribute.
These include cases where the human
Compliant Access Delivery synthesizes multiple Identity and Access Management (IAM) technologies with a business modeling approach to automate and maintain each user with their appropriate Access to IT systems while continuously minimizing risk.
...