Most identity programs don’t fail on technology. They fail on lifecycle — who gets access on day one, what changes when they move roles, whether access actually ends when they leave, and whether anyone can prove any of it. We’ve done that work for 17 years.
Elry builds and sustains the provisioning and deprovisioning layer for organisations where the identity stack has outgrown the team running it: automated joiner-mover-leaver flows, integration with HR as the source of truth, and lifecycle rules that keep running without a person remembering to do it.
At the University of Queensland, that means the identity lifecycle for 800,000+ accounts — staff, students, affiliates, and alumni — running across Exchange, Active Directory, LDAP, Okta, and Duo. Five years stable. Enrolment-cycle churn at that scale is the hardest lifecycle problem in the country, and it’s the one we sit inside every day.
Custom, because the complexity is the point. Universities that buy off-the-shelf identity tools often end up with three off-the-shelf systems and nothing that works together. A person can be staff and student at the same time. International students arrive with no first name, or no last name. Identities span from a person’s first contact with the institution to their last — and back again, because alumni return. Systems built for corporate joiner-mover-leaver flows don’t represent any of that. We build custom identity lifecycle systems for exactly these environments.
For universities: enrolment-cycle churn, multi-vendor federation, audit load on a lean central IT team — we know the sector from the inside, not from a whitepaper.