I was scanning CNN.COM this morning, and came across an amusing headline: BEST BOX WINE FOR THE BUCK.
Yes, yes, wine in a box. Sort of like Coors Light, it's beer for people who don't really like beer. Wine in a box doesn't quite say, "I'm a sophisticate." It says, "At least I"m not drinking out of a paper bag."
I imagine if you go to the ballpark in California, you can see the boxed wine set drinking the stuff from headgear. Y'know, like a wine bong. Chug, chug, chug, but with your pinkie extended.
Okay, so these same kinds of people are asking me in to discuss enterprise SSO, provisioning, compliance. And they stack up the major vendors against ... boxed wine solutions. Little point products that "provision" to AD. They do password reset, but only to AD. They do little bits of compliance reporting, with none of that data actionable.
So you got an itty bitty toolset that lets you fill out AD attributes, or that futzes with your password? A reporting thingy that tells you what AD groups people are in? Oh gee.
It's your business, your livelihood, your credibility as an organization. I'm not saying you have to break the bank, but you have to take this seriously. "Oh, we're not publicly traded, we don't do much reporting, we don't have to sweat this much." So productivity and efficiency go out the window, and when that day inevitably comes that you DO have to provide reporting, or you DO get hacked, then you're scrambling.
Don't get an IAM solution that comes with a pop top or screwtop. Get one with a cork.