It would be nice if out of the box you could get a few starting identities based on common security use cases.
I.E.
An Identity / Only read, for end users
An Identity for Consultants / Systems Integrators - That could administrate all but the security, so this could be an starting point to build an standard identity for new Consultants
An identity for Edit all but Analytics - This could be an starting point for power users.
