Is there really such a thing as the perfect user ID?

I have seen user IDs using initials, first two letters of the first name, then three letters of the family name or first name and a number, well – the solutions are many, but they all have one thing in common.

They don’t help you to get a good grip on the user management.

Over the years I have audited many networks, and initiated deletion of 1000′s of user accounts no longer in use.

If the user accounts belong to people no longer in the company, why are they not deleted?  Very often, the communication between the IT Department and other departments in the company suffers from lack of a good or structured information flow.

  • If a new user arrives, IT management is not informed
  • If a users changes department or moves, IT management is not informed.
  • If a user leaves the company, the IT Management is not informed.

In order to get on top of the situation with user administration, you should use base your user ID syntax on information from the best quality list there is. It is not your list of email accounts; it is not your list of network users, it is not the list of valid electronic entrance cards.  The only list of users you can rely on 100% is the list of employees receiving a salary, or the payroll list. This list is updated daily, and the maintenance of this list follows laws and regulations. Therefore the payroll list is the only logical choice when it comes to user ID.

The payroll has a unique identifier for each employee, this is the payroll number. If you use this as your user ID you will have the best and easiest maintained user administration system in place that you can possibly imagine.

The nice thing with the payroll ID is that it normally means nothing; it is just a unique identifier for a specific person. It is internal, which means that the user ID cannot be used for any other purpose than correct identification of a specific person.

  • If you use a first name, last name syntax, how do you handle users with the same name?
  • If John Smith has left the company, which John Smith are we talking about?
  • If you need to do a check of the user accounts for whatever reason, are you prepared to suit down and map your users against a list of valid employees
  • If you use the payroll ID as a user ID, this match and control is done in seconds, instead of hours or days or never.
  • Can you imagine a verifying process of the user accounts to all your systems in minutes instead of weeks?

This is what will happen if you introduce payroll ID as the user ID.
If you put the requirement into your procedures, you will also get rid of the regular surprise, when a new user suddenly appears and wants a PC and access to the systems. Introduce the concept of no user account without a payroll ID, and you will force discipline into the system. By creating structured procedures , you can place the responsibility for the new user where it belongs, to his or her immediate superior.

These regular “surprise” request sucks, and your working day is interrupted every time it happens. It gets even worse when the new user has special requirements and you have to buy hardware or software to complete the process. Time is wasted, the new user is surprised, the manager is angry because of lack of professionalism and you are blamed because he has no one else to blame it on.

Use the new user ID and a structured process to turn this situation around and create a structured process for new user management. You and the company will benefit from this.