Notifications
Clear all
Topic starter
11/06/2026 10:39 pm
TL;DR: IT teams in 2026 are still losing time and control to manual onboarding, legacy systems, weak password practices, outsourcing risk, and poor asset tracking, according to Zluri. The underlying problem is not staffing alone but identity process sprawl, where access, review, and reporting are spread across disconnected systems and workflows.
NHIMG editorial — based on content published by Zluri: IT teams’ 7 biggest challenges encountered in 2026
Questions worth separating out
Q: How should IT teams reduce manual onboarding and offboarding risk?
A: IT teams should move joiner, mover, and leaver events into one governed workflow tied to a single source of truth.
Q: Why do legacy systems create identity governance problems?
A: Legacy systems often cannot consume or emit identity changes cleanly, which forces manual reconciliation and weakens policy enforcement.
Q: What do security teams get wrong about outsourcing and access control?
A: They often treat third-party access as a one-time approval instead of a lifecycle that includes expiry, review, and offboarding.
Practitioner guidance
- Standardise joiner-mover-leaver workflows Define one approved workflow for onboarding, role changes, and offboarding so that access updates happen from the same source of truth across HR, IT, and app owners.
- Reconcile legacy systems to lifecycle controls List every legacy platform that still requires manual access updates and assign exception ownership, review cadence, and compensating controls for each one.
- Reduce password-dependent access paths Use SSO and multifactor authentication where possible, then track password resets and shared credential use as indicators of identity process weakness.
What's in the full article
Zluri's full article covers the operational detail this post intentionally leaves for the source:
- The article expands each of the seven IT team challenge areas with practical examples from daily operations and access management.
- It explains Zluri's SaaS discovery methods and how they surface app usage, renewal dates, restricted apps, and other inventory signals.
- It walks through automated onboarding and offboarding workflows, including how HR and IT system integration reduces manual reconciliation.
- It describes reporting outputs such as unauthorized access, app usage, license consumption, and critical user tracking.
👉 Read Zluri's analysis of the seven biggest IT team challenges in 2026 →
Identity process sprawl in IT teams: what governance is missing?
Explore further
12/06/2026 6:54 am
Identity process sprawl is the real failure mode behind IT team overload. The article frames the problem as too much manual work, but the deeper issue is that access, app inventory, and lifecycle events are being governed in separate lanes. That creates conflicting records, delayed decisions, and inconsistent enforcement across human, machine, and third-party identities. Practitioners should treat this as a governance architecture issue, not a staffing problem.
A few things that frame the scale:
- 97% of NHIs carry excessive privileges, increasing unauthorised access and broadening the attack surface, according to Ultimate Guide to NHIs.
- Only 5.7% of organisations have full visibility into their service accounts, which shows why identity inventory and entitlement control still lag operational reality.
A question worth separating out:
Q: How do you know if identity process automation is actually working?
A: It is working when access changes happen faster than manual handoffs, audit reports match actual entitlement state, and password reset or exception volume falls over time. If automation still depends on routine rework, the organisation has only automated the queue, not the control.
👉 Read our full editorial: IT teams’ biggest 2026 challenge is identity process sprawl
