Identity Isn’t Broken — It’s Overworked (Just Like the People Running It)

Anyone who has ever been responsible for identity knows one thing: this is not a quiet corner of IT. Identity teams do heroic work every day, often with tools that were never designed for the speed or complexity of modern organizations. If there were medals for “things that only break when everyone is already busy,” identity would take gold every year.

Identity teams don’t get enough credit for how much they hold together with sheer determination and caffeine. They deal with the kind of behind-the-scenes complexity that would make most of us lie down on the floor and rethink our career choices. And somehow, day after day, things mostly do work — thanks to the people who quietly keep the lights on.

There’s a story that circulates in identity circles — and versions of it show up in almost every organization. It goes something like this: an employee changes roles a few times, and instead of losing old access, they somehow gain more each time. Not intentionally, not maliciously — just a digital snowball collecting permissions as it rolls downhill.

By the time someone notices, the identity team has usually spent months trying to “fix the flow,” unaware that several reorganizations, a couple of well-intended automation rules, and a job title nobody has used since 2018 have quietly conspired to produce the world’s most accidental power user. The team isn’t frustrated because they don’t understand identity. They’re frustrated because they do — and because no matter how hard they try to correct the issue, something else keeps tugging at the thread.

This is what identity feels like in most organizations. People join, leave, move, swap departments, go on leave, return from leave, and occasionally end up with two job titles and no desk. Systems get added, retired, rebuilt, forgotten, rediscovered, reconnected… you get the idea. And identity teams are trying to keep things aligned while balancing a ticket queue, maintaining a forest of automation scripts, and at least three people urgently whispering, “I can’t get into Teams.”

Identity isn’t broken. It’s overwhelmed.

And it’s overwhelmed because identity is being asked to operate like critical infrastructure without actually being treated as critical infrastructure.

This is where the idea of Operational Identity feels like a breath of fresh air. It isn’t about replacing Entra ID, and it definitely isn’t about replacing the people doing the work. It’s about giving identity the structure, predictability, and support it has always deserved — the same kind we give to payroll, infrastructure, and other critical systems.

Think of it like this: if infrastructure had to rely on three people, a handful of scripts, and good intentions, we’d all be working on typewriters. But identity is somehow expected to thrive in exactly those conditions — and the fact that many companies actually do stay afloat is a testament to how good their identity teams already are.

Operational Identity doesn’t diminish that effort. It amplifies it. It creates an operating model where lifecycle events behave predictably, access doesn’t quietly accumulate, controls don’t slowly drift off course, and the team isn’t stuck in a permanent loop of “why did this break today?” It allows identity professionals to spend more time improving things and less time playing detective.

That’s why at Fortytwo, we’ve built our Identity Operating Model around running identity continuously — not as a project, not as a collection of fixes, but as something that deserves full-time operational care. Automation handles the repetitive work, governance keeps everything aligned, and identity recovery is no longer the wild west of manual verification. The people who know identity best finally have the breathing room to focus on the things that actually move the organization forward.

Most companies I speak with aren’t looking for someone to take identity away from them; they’re looking for a way to make identity behave the way they’ve always wanted it to: reliable, predictable, and free of unnecessary drama.

If that sounds familiar — if your identity team is doing incredible work but still feels like identity is one unpredictable twist away from derailing everyone’s afternoon — it may be time to explore a different operating model.

If you want to talk about what Operational Identity could look like for your organization (and share a few identity horror stories along the way), I’d be glad to chat.

Book a short discovery session, and let’s take some pressure off the system that carries everything else.