Understanding Security within Identity and Access Management (IAM)
My goal today is to give you a straightforward overview of Identity and Access Management. My hope is that what follows gives you enough information to understand the basics of security within Identity and Access Management.
What is the basic definition of Identity and Access Management?
Identity and access management (IAM) is a framework, set of services, or solution that facilitates the management of electronic or digital identities. It also includes the organizational policies for managing digital identity, as well as the technologies needed to support identity. The basic elements or roles of IAM, as defined by their group identities, include users and machines.
What are some key features or controls of identity and access management?
- Role-Based Access Control (RBAC) – This regulates access to systems or networks based on the roles of individual users within the enterprise.
- Single Sign-on (SSO) – This session and user authentication service permits a user to use one set of login credentials (e.g., name and password) to access multiple applications.
- Multifactor Authentication (MFA) – This is an increasingly common security system that requires more than one method of authentication from independent categories of credentials to verify the user’s identity for a login or other transaction.
What should a proper identity and access management solution include in order to be effective?
- Capturing and recording user login information, including timestamp
- Management of the enterprise database of user identities (a common identity store)
- Management of the assignment and removal of access privileges
What are some benefits of deploying and managing a proper identity and access management solution?
- A common platform for identity and access management enables the same security policies to be applied across all the different devices and operating platforms
- Proper IAM solutions reduce the effort, time and money needed to manage access to networks
What are some challenges of identity and access management?
- Orphaned accounts and user access databases that are not kept up to date
- Lack of monitoring, or of a uniform set of steps for creating accounts
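The recorded login timestamps and the common identity store described earlier are what make the orphaned-account problem detectable. The following is an added example, not code from the author: it cross-checks an identity store against an HR roster and flags accounts that need an access review. All account names, employee IDs, roles and the 90-day idle threshold are constructed assumptions.

```python
from datetime import datetime, timedelta, timezone

# Constructed sample data (not from any real system).
ACTIVE_EMPLOYEES = {"E100", "E101", "E103"}  # HR roster of current staff

IDENTITY_STORE = [
    {"account": "asmith", "owner": "E100", "type": "user",
     "last_login": "2024-05-28T08:15:00+00:00", "roles": ["dmv-clerk"]},
    {"account": "bjones", "owner": "E102", "type": "user",
     "last_login": "2024-05-30T13:02:00+00:00", "roles": ["tax-auditor"]},
    {"account": "cwu", "owner": "E101", "type": "user",
     "last_login": "2023-11-02T09:40:00+00:00", "roles": ["health-records"]},
    {"account": "svc-backup", "owner": None, "type": "machine",
     "last_login": "2024-05-31T02:00:00+00:00", "roles": ["backup-operator"]},
    {"account": "dlee", "owner": "E103", "type": "user",
     "last_login": None, "roles": ["dmv-clerk"]},
]

def review_accounts(store, active_owners, now, max_idle_days=90):
    """Return {account: [findings]} for accounts that need an access review."""
    findings = {}
    cutoff = now - timedelta(days=max_idle_days)  # assumed idle threshold
    for rec in store:
        issues = []
        # Orphaned: no owner recorded, or the owner has left the roster.
        if rec["owner"] is None or rec["owner"] not in active_owners:
            issues.append("orphaned")
        # Privileges are still assigned but there is no recent recorded login.
        if rec["last_login"] is None:
            issues.append("never-logged-in")
        elif datetime.fromisoformat(rec["last_login"]) < cutoff:
            issues.append("stale")
        if issues:
            findings[rec["account"]] = issues
    return findings

if __name__ == "__main__":
    now = datetime(2024, 6, 1, tzinfo=timezone.utc)
    report = review_accounts(IDENTITY_STORE, ACTIVE_EMPLOYEES, now)
    for account, issues in report.items():
        print(f"{account}: {', '.join(issues)}")
```

Note that `bjones` is flagged even though the account logged in recently: an account whose owner has left the roster but which is still in use is the case most worth investigating first.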
What is at stake or what are we protecting with a proper IAM solution?
For example, let’s take a look at managing state government agencies and departments. The data we need to consider protecting with an IAM solution would include:
- Social Security Numbers and Accounts
- Driver’s License Information
- Health and Tax Information
These details are considered the blueprint of our lives and provide a traceable link to proving who we are. It goes without saying that this information is highly valuable to a hacker.
The above information clearly only scratches the surface on this topic. However, I hope this overview was helpful in providing some additional understanding of security within an Identity and Access Management framework and solutions.
Senior Solutions Consultant Lee Berdick has been passionate about the IT industry since he was 17 years old. Today’s technology concerns have molded Lee into quite the security expert!