Proven Value, Secure Assets
Identity and Access Management
(IAM)
"Why is identity so important? Identity forms the basis for authorization and trust."— From the NIST draft publication 800-103: “An Ontology of Identity Credentials”
What is Identity and Access Management (IAM)?
At a high level IAM helps answers these questions for your users, be employees or customers:
-
Are users who they say they are?
-
Are they allowed to perform the action, or access the data, they are intending to?
-
Do they only have the minimum permissions required to perform the action and not anything more?
-
When did the user get the access and how?
-
Are you sure your user credentials are not breached?
-
How soon can I revoke user access if you identify or suspect malicious activity?
Sprinkle the above with the below and you have a robust IAM framework in place:
-
User Life Cycle Management
-
Compliance and Monitoring
-
Auditing and Reporting
-
Just in Time Access
-
Privileged Access Management
-
Single Sign-On
-
Risk-based or Adaptive Multi-Factor Authentication
Technology Stack
-
Azure AD
-
Azure MFA
-
SailPoint
-
Oracle IGA
-
CA IAM
-
CyberArk
-
OIDC
-
Okta
-
OneLogin
-
AWS IAM
-
DUO Security
-
RSA
-
SAML
-
Shibboleth