Is it valid to have a shared identity profile for both employees and contractors?

Having a shared identity profile for both employees and contractors can lead to confusion due to the distinct roles, responsibilities, and access rights that each group typically requires. Employees usually have different access needs and privileges compared to contractors, reflecting their varying relationships with the organization.

When both identities are combined into a single profile, it can create ambiguity regarding what resources each group can access, leading to potential security risks and compliance issues. For example, contractors may need limited access to specific systems only during the duration of their contract, whereas employees might require broader access as part of their ongoing employment.

Additionally, a shared identity profile complicates the governance and management of identities. It makes it harder to enforce policies appropriately, conduct audits, and ensure compliance with regulatory requirements. Therefore, keeping these profiles separate provides clarity in managing identity and access governance, aligning with best practices in identity security.