A 2023 ASIS International survey of 1,022 security professionals found that only 42% had integrated their access control system with visitor management. Identity fragmentation refers to the disjointed management of physical identities across multiple access control systems, leading to inefficiencies and security risks. Security teams have a name for the result: identity fragmentation. When an organisation manages physical identities across several unconnected access control systems, no single system holds the full picture of who should have access to what, or why. That gap creates two distinct problems, one operational and one security-critical.
The operational problem is administrative drag. Every new starter, transfer, contractor engagement, or site visit has to be entered separately into each relevant system, usually by hand. HR knows an employee has joined, left, or changed role; the access control system often does not find out until someone remembers to update it, one system at a time.
The security-critical problem is the credential that outlives its purpose: an access right that stays active long after the person behind it should have lost it. A contractor's engagement ends, but their credential still opens a secure area. An employee leaves the organisation, and their access is switched off at one site but overlooked at another. Individually, each of these is a small administrative slip. Collectively, across dozens or hundreds of sites, they add up to a real and largely invisible exposure, particularly for organisations that also need to demonstrate compliance with frameworks such as ISO 27001, NIS2, or DORA, all of which expect an organisation to show, on demand, exactly who can access what, and why.
Fragmentation, in other words, is not simply an inconvenience. It is a structural weakness that manual processes cannot fully close, no matter how careful the people running them are.
The Solution: Centralising Physical Identity Management with a PIAM Platform
Physical Identity & Access Management (PIAM) is a system designed to centralize and streamline the management of physical identities and their access rights across multiple sites. PIAM exists precisely to close this gap. Rather than treating physical access as something each local system manages on its own, PIAM introduces a dedicated management layer that sits above them, connecting an organisation's identity sources, typically its HR and directory systems, to the physical infrastructure that controls doors, gates, and secure areas across every site.
The ID-ware PIAM Suite is built around this principle. Instead of asking security teams and site managers to keep several systems in step by hand, it brings identity, credential, and access management together in one place, through three complementary capabilities.
Integration. The PIAM Suite connects directly to HR systems, directory services, and existing physical access control systems, so that a change made once, such as a new hire, a role change, or a contract ending, propagates automatically to every connected site. This extends beyond core access control systems too: further third-party systems, such as payment, locker, and parking management, can be integrated just as seamlessly, so that a single identity record governs access across the full range of facilities and services an organisation offers.
Automation. Onboarding, credential issuance, access requests, and de-provisioning are handled through automated workflows rather than manual data entry. When an identity is deactivated at the source, whether that is HR, a contractor management system, or directory services, access can be revoked everywhere at once, closing the door on outdated credentials rather than relying on someone to remember to do it.
Centralisation. Credential Management, Access Management, Visitor Management, and Contractor Management operate from a single platform, giving security and compliance teams one place to see, govern, and report on who has access to what, across every site.