Why traditional IAM can’t keep up, and how orchestration can fix it 

Written by Stephen McKenna, IT Operations Technician, Tines

Published on September 22, 2025

Identity touches everything in modern IT. Whether it’s logging into email, provisioning a VM, or accessing a CRM, identity and access management (IAM) is the digital backbone of work. Yet the controls meant to safeguard it haven’t kept up with the scale, speed, and complexity of today’s environments.

The cracks show up everywhere. In August 2025, attackers tied to UNC6395 (linked to ShinyHunters) exploited stolen OAuth tokens from Salesloft Drift integrations to infiltrate Salesforce customer environments. Using these tokens, they exported data objects like Cases, Contacts, and Accounts across more than 700 organizations.

This wasn’t a sophisticated zero-day exploit.

It was a reminder that tokens, credentials, and identity signals are often the weakest link, and when IAM fails, attackers move fast.

Unfortunately, this isn’t an isolated case. SonicWall customers were warned to reset credentials after a 2025 incident exposed firewall configurations. Leaked credentials overall are up 160% year-over-year according to industry reports. And let's not forget the financial implications: according to IBM’s 2025 Cost of a Data Breach Report, the global average breach now costs $4.44 million, climbing over $10 million in the U.S.

Why IAM breaks down 

Patchwork systems 

Some applications plug into SSO quickly, while others require weeks of custom work, legacy connectors, or costly enterprise tiers. Add in fragmented directories, inconsistent MFA adoption, and mismatched identity providers, and the result is fragile environments that are difficult to govern and even harder to audit.

Scaling access equals scaling risk 

Every joiner, mover, or leaver event spawns a chain of changes. Without orchestration, accounts linger and privileges pile up, and with the introduction of shadow AI tools, the problem is only multiplying.

Pressure from all sides 

Auditors demand clear, traceable evidence for every access decision. Security teams demand zero gaps or lingering accounts. Business units expect employees to get access immediately so productivity isn’t lost. IT is caught in the middle, and manual reviews can’t deliver on all these competing demands at once.

What good looks like 

IAM done right isn’t about bolting on more tools. It’s about orchestrating the lifecycle end to end:

  • Access in minutes: employees get what they need without bottlenecks.

  • Least privilege by design: roles, approvals, and revocations enforced automatically.

  • Audit evidence built in: every request and decision logged as workflows run.

  • Confidence at scale: workflows adapt to SaaS, on-prem, and cloud, without adding risk.

How to start 

The path forward doesn’t require a huge overhaul. Start small:

  • Offboard leavers instantly.

  • Automate approvals for routine access.

  • Schedule access reviews that run in the background.

Each step reduces manual effort, closes security gaps, and builds consistency across IT and security.

Identity may be simple in theory, but in practice it’s one of IT’s hardest challenges. The good news: with orchestration, IAM can be both seamless and secure, a foundation for speed, compliance, and resilience at scale.
