Simplify Your Cybersecurity
Identity Governance and Administration
(IGA)
"Why is identity so important? Identity forms the basis for authorization and trust."— From the NIST draft publication 800-103: “An Ontology of Identity Credentials”
What is Identity Governance and Administration (IGA)?
Identity Governance and Administration is the culmination of Identity Management (IdM), Access Management (AM or IAM combined) and access certifications.
At a high level IGA helps answers these questions for your users, be employees or customers:
-
Are users who they say they are?
-
Are they allowed to perform the action, or access the data, they are intending to?
-
Do they only have the minimum permissions required to perform the action and not anything more?
-
When did the user get the access and how?
-
Are you sure your user credentials are not breached?
-
How soon can I revoke user access if you identify or suspect malicious activity?
Sprinkle the above with the below and you have a robust IGA/IAM framework in place:
-
User Life Cycle Management
-
Compliance and Monitoring
-
Auditing and Reporting
-
Just in Time Access
-
Privileged Access Management
-
Single Sign-On
-
Risk-based or Adaptive Multi-Factor Authentication
Remember Identity is the first pillar of the Zero Trust Architecture.
Technology Stack
-
Azure AD
-
Azure MFA
-
SailPoint
-
Oracle IGA
-
CA IAM
-
CyberArk
-
OIDC
-
Okta
-
OneLogin
-
AWS IAM
-
DUO Security
-
RSA
-
SAML
-
Shibboleth