Cybersecurity Automation For Tomorrow, Today
Identity and Access Management (IAM)
"Why is identity so important? Identity forms the basis for authorization and trust."— From the NIST draft publication 800-103: “An Ontology of Identity Credentials”
What is Identity and Access Management (IAM)?
At a high level, IAM helps answer these questions for your users, be they employees or customers:
- Are users who they say they are?
- Are they allowed to perform the action, or access the data, they are intending to?
- Do they only have the minimum permissions required to perform the action and not anything more?
- When did the user get the access and how?
Sprinkle the above with the three below and you have a robust IAM framework in place:
- User Life Cycle Management
- Compliance and Monitoring
- Auditing and Reporting
A few more terms you might come across:
- Privileged Access Management (PAM) is a subset of IAM where, as the name suggests, you focus on your highly prized items, i.e. privileged accounts (think Domain Administrators, Database Administrators, etc.).
- Federation or Single Sign-On allows users who have access to one system to get access to another system, based on trust established between these systems. You reduce the number of times the user has to enter a username and password, and the number of usernames and passwords the user has to remember.
Technology Stack
- Azure AD
- Azure MFA
- SailPoint
- Oracle IGA
- CA IAM
- CyberArk
- OIDC
- Okta
- OneLogin
- AWS IAM
- DUO Security
- RSA
- SAML
- Shibboleth