Identity and access management
In cyber-security, identity and access management (alternatively known by its abbreviation, IAM, as well as identification and access management or, simply, identity management; more narrowly known as user management; hereinafter, IAM) is practice and a set of concepts based on that practice of granting each user of some system a right system-user role.
The goal of IAM can be stated as to "enable the right individuals to access the right resources at the right times, and for the right reasons" (as quoted in Wikipedia. IAM combines business processes, policies, and technologies.
Contents
User management
User management defines the ability for administrator(s) to manage user access to various IT resources like systems, devices, applications, storage systems, networks, SaaS services, and more. User management is a core part to any directory service and is a basic security essential for any organization. User management enables admins to control user access and on-board and off-board users to and from IT resources. Subsequently a directory service will then authenticate, authorize, and audit user access to IT resources based on what the IT admin had dictated.
Traditionally, standalone user management has been grounded with on-prem servers, databases, and closed virtual private networks (VPN). However, recent trends are seeing a shift towards cloud-based IAM, granting administrators greater control over digital assets.
Strategy quality
Use this checklist to assess your current IAM strategy:
- Centralized Management
- Single Sign-On
- Manage by Groups Requirements
- Compatible with Windows, Mac, & Linux
- Extensible to the Cloud
- Cross-platform Device Management
- Unique Wi-Fi credentials for each user
- Multi-Factor Authentication
- Password Complexity Management
- Secure Passwords (i.e. not clear text or encrypted)
- Uses Core Protocols such as LDAP, SAML, RADIUS, SSH, REST
- Automated Provisioning and Deprovisioning
- SSH Key Management
- IAM platform utilizes zero-trust security practices
Poor
- (0-5) If you’re in this range, then your IAM strategy is actively hurting your company’s efficiency and security. You likely don’t have an identity provider or need to scrap your existing one. Giving your IAM strategy a makeover should be your top priority.
Fair
- (6-8) You’re keeping your head above water, but you’re not able to think about the future. Your IAM strategy is either causing lapses in security or has incompatibility with critical resources. Survey your needs and consider making a major change.
Good
- (9-11) If you scored in this range, that means your IAM strategy is serving you well. Still, all it takes is one missing plate in your armor for a hacker to deal a costly strike. Keep reading to find ways to address your IAM solution’s shortcomings.
Excellent
- (12-14) Give yourself a pat on the back. You’ve already got a high-functioning IAM strategy. Focus your efforts on staying ahead of the curve and being prepared for the changes coming in the identity market.