Some hard numbers on how bad ID data is out there

Up to now I have thrown out the round number that 20%+ of your login records are likely ‘unmatchable’ using normal techniques. Here is some more detailed data behind that number.

This particular table is a composite and simplification of detailed real-world findings. It is representative of an organization with about 30,000 active employees and considers data for 7 common applications/directories.

This is not a guess or speculation but, resembles what we have found when we do detailed analysis within organizations. Obviously specifics are confidential.

It is my hypothesis that this represents the situation in almost all large organizations. Every organization that we have investigated so far has a problem of this magnitude. You may be the exception but, I would not count on it.

Over the next few days I will dig into some of the details but, for now, here is the chart. Do you find this as shocking as I do?

Credentials By Source (small)

click here to enlarge

This entry was posted on Monday, February 5th, 2007 at 9:52 pm and is filed under Risk, matching problem. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

2 Responses to “Some hard numbers on how bad ID data is out there”

  1. What to do when you lose your keys? - change the locks! « True_Identity Says:
    February 7, 2007 at 10:26 pm | Reply

    [...] True_Identity Discovering links between credentials and people « Some hard numbers on how bad ID data is out there [...]

  2. If you can't trust your identity data foundation, you can't trust your identity systems « True_Identity Says:
    April 3, 2007 at 5:57 pm | Reply

    [...] is ignoring the facts on the ground. These facts are that for the vast majority of organizations, >20% of their legacy login credentials remain active even though they cannot determine who they belong to. His own conference sessions [...]

Leave a Reply