By abstracting user management away from the local operating system, Identify reduces the attack surface. There is no need to create local Windows or Linux user accounts on the server just to facilitate file transfers.
Many organizations fail audits because they focus on data encryption (data at rest/in transit) but ignore data authorization . You can have the most secure SSL tunnel in the world, but if a terminated employee still has a live login, your data is exposed.