“It’s a floor wax!” “It’s a dessert topping!” “Hey, calm down, you two…it’s both!”
– Saturday Night Live, 1976
That’s the comedy bit echoing through my mind ever since my recent chat with Jim McDonald on episode #379 of the Identity at the Center podcast.
In that sketch, New Shimmer promises to polish your floors and sweeten your dessert. The absurdity, of course, is that it’s trying to be two wildly different things at once, and somehow, we all nod along.
That, in many ways, is identity today. It’s compliance and innovation. It’s security and experience. It’s infrastructure and strategy.
We’ve built something that’s supposed to hold the entire digital organization together, while also making it frictionless, personalized, and safe.
And somehow, we’re surprised when sparks fly.
During the conversation, Jim painted a vivid picture of what it’s like to be an identity practitioner today:
“We’re trying to pull the plug from both ends and plug it together. That’s if there’s only one plug on each side. And it’s raining and you’re standing in a puddle. Good luck. If you don’t do it right, you might get electrocuted.”
He’s absolutely right. That’s what it feels like when every business unit has its own pocket of identity, marketing wants one thing, product another, IT a third, and security a fourth.
Everyone has their own plug, their own priorities, their own puddle.
And in the middle of all this, someone eventually asks:
“So… who actually owns this?”
CEOs often assume identity is handled by the CISO, as an extension of cybersecurity.
“That’s why I hired one,” they say.
But identity doesn’t stay politely in the security box. It spills from Protection into Personalization, Payment, and People – what I call the four P’s.
When those four forces collide, it’s no longer a single-function problem. It’s an organizational one.
Identity doesn’t just secure the business – it is the business. It determines how trust is formed, how customers feel seen, and how innovation stays safe.
So yes, in your organization perhaps it’s the CISO who implements. (CISOs own only as many as half of workforce identity programs. Owning CIAM would be rare.)
But it’s the CEO who empowers.
And that distinction might just decide whether your cords light up…or short out.
The hard truth is that the puddle isn’t going away.
Complexity is here to stay – multi-cloud, hybrid work, AI agents, mergers, and regulations all keep pouring water into the system.
But we can’t stand still.
It means we empower the people holding the plugs.
The organizations that succeed are the ones where leadership sees identity as a strategic advantage, not just a compliance burden.
They give identity teams the air cover, budget, and cross-functional mandate to connect the system safely and beautifully.
Because when those cords finally come together, they don’t just power security. They power trust.
Identity, like New Shimmer, is both a floor wax and a dessert topping.
It’s the polish that keeps systems secure and humming, and the sweetness that makes experiences delightful.
If we can start treating it as both, maybe we can stop tripping over the cords and start lighting up what matters.
Listen: My full conversation with Jim McDonald on Identity at the Center discusses my forthcoming book and dives deeper into the messy, human, and often electrifying challenge of making identity work—for everyone.
At Venn Factory, we help leaders see identity not just as a risk to be managed, but as an advantage to be leveraged.
Cut through IAM complexity and transform your strategy with Eve Maler's research-backed insights.
