Acquisition-scale identity governance: what Accenture's rollout shows

TL;DR: Accenture’s identity programme unified phishing-resistant MFA across hundreds of Active Directory environments and reduced highly privileged AD admin accounts by about 50%, according to Axiad. The case shows that acquisition-heavy enterprises need identity controls that scale faster than migration projects and still preserve centralized governance.

NHIMG editorial — based on content published by Axiad: Why Accenture Is Axiad's 2025 Customer of the Year

By the numbers:

• Accenture deployed phishing-resistant MFA across 2,000 end users spanning multiple Active Directory environments.
• Accenture cut highly privileged AD admin accounts by about 50% after the identity rollout.
• The role of identity governance becomes harder when organisations are acquiring nearly 100 companies in two years.

Questions worth separating out

Q: How should security teams govern identity across acquired Active Directory environments?

A: They should standardise authentication and administrative control before expecting full technical consolidation.

Q: Why does privileged account reduction matter during mergers and acquisitions?

A: Because each inherited directory often brings overlapping admins and local exceptions that enlarge the attack surface.

Q: What do teams get wrong about centralised identity governance after acquisitions?

A: They often assume the main challenge is directory migration, when the bigger problem is inherited trust inconsistency.

Practitioner guidance

• Standardise phishing-resistant authentication early Deploy one strong authentication standard across acquired directories before full migration is complete, so users do not remain on mixed assurance levels during integration.
• Inventory privileged AD accounts across every inherited environment Build a single view of administrative accounts, then remove duplicates and exceptions that exist only because the environments were acquired separately.
• Tie identity modernisation to privilege reduction metrics Track whether the rollout lowers the number of highly privileged identities, not just whether users can authenticate more easily.

What's in the full article

Axiad's full blog post covers the operational detail this post intentionally leaves for the source:

• How Axiad positioned PKIaaS as a drop-in path from passwords to smart card authentication across multiple Active Directory environments.
• The rollout details behind centralized authentication for 2,000 end users and how the deployment was handled at enterprise scale.
• The operational story behind the reported ~50% reduction in highly privileged AD admin accounts across distributed environments.
• The customer-facing explanation of how Accenture balanced acquisition speed, business continuity, and identity standardisation.

👉 Read Axiad's perspective on how Accenture unified identity across acquired environments →

Acquisition-scale identity governance: what Accenture's rollout shows?

Explore further

View Full Forum →  |  NHI Foundation Course →