Companies that diligently use standard data management products and techniques might assume that all their corporate information is safe. However, that is not the case. Some kinds of information need special care and attention – for example financial information, or, even more so, information related to personal identities.

Identity fraud is a growing problem. Organized crime often uses identity theft to raise money to fund operations such as people trafficking and drug smuggling. Gartner Research estimates that just "phishing" attacks alone cost U.S. banks and credit card companies $1.2 billion last year. According to Computer Associates’ security guru Mick Coady, identity theft is much easier than most people think; personal information can be relatively easily obtained for about $500-1,000 per record.

Increasingly, governments realize the problem of identity fraud, and legislation is being put in place that regulates who can see what information. In the U.S., the Health Insurance Portability and Accountability Act (HIPAA) and the Gramm-Leach-Bliley (GLB) Act mandate privacy of personal information in the healthcare and financial spheres. In Europe, the European Data Protection Directive restricts access to personal information. Other countries such as Canada and Australia have similar laws.

Unfortunately, having the legislation in place is only the first step. To make the legislation have any impact, organizations need effective, reliable identity management.

Well-implemented identity management systems not only help with regulatory compliance and preventing fraud; they can also increase operational efficiency, tighten security and improve customer experience. For example, identity provisioning systems, which speed up the process of allocating access permissions to business systems and information, can dramatically reduce the time that it takes to make a new employee productive. In addition, they can eliminate the problem of ex-employees having continued access to systems because no one has thought to remove those permissions. Identity-based access control with simplified sign-on can ensure that the right people - and only the right people - have speedy access to the right systems and information. Identity management also plays a critical role in enabling personalized user interfaces, which provide a better user experience and subsequently result in attracting and retaining customers. Amazon leads the way, but is followed by many other web retailers and customer-facing organizations.