Describing Identity Management
Identity Management (IDM), or Identity Access Management (IAM), is a user access management tool that controls the process of defining and managing all roles, access rights, or privileges for all of your network users.
IAM ensures that all of your users have the correct access to the resources that they need to do their daily work.
However, there is a lot more that goes into it.
Identity Management typically means controlling the access for every individual in your organization to software applications, and third-party resources or services that your company uses.
Additionally, IDM controls the circumstances in which users are granted/denied privileges to those assets through access policies.
Should Erin have access to our WordPress site? Should she be a Standard User, an Editor, or should she have Administrative Access to WordPress, but nothing else?
Let's take a look at how an IAM Solution might look in a typical E-Commerce company with 20-100 employees.
In this example, we are only going to take a look at 6 sample employees, and we are assuming this company is only using about 6 applications. In all likelihood, they are using many more.
Each employee may or may not have access to each application, and if they do have access, they may have a different set of rights/permissions, or entitlements within that application.
Additionally, this company is utilizing four Roles which can be used to auto-assign users specific applications based on that job role, also known as Role-Based Access Control.
This kind of control and visibility, allows the IT team to limit the number of elevated accounts that could potentially be compromised, see who has what access to applications, and what level of access, at all times.
This process is somewhat easy to manage with a handful of applications, and a handful of Users.
However, according to the 2020 Blissfully Annual Report, small businesses today use over 100 different applications, with large companies using more than 200 on average!
To complicate things, each of these applications may have 2-20 different privileged role levels.
When you consider the number of applications businesses use today, multiplied by 20, 200, or 2000 employees, consultants, and partners, managing who has access to what becomes an overwhelming task.
As your team grows, so do your applications, risks, and requirements.
Everyone wants to grow smoothly, but in reality there are always added security risks, increased IT workload, and the lack of a holistic view of your organization.
The User Management Solution For More Industries
Traditionally Identity Management products have been a crucial part of large Enterprise IT environments. However, they were typically restricted to the largest businesses, that is, until now.
As cybersecurity concerns continue to escalate and technology becomes more affordable (as well as critical), IAM is becoming a vital part of every organization's security foundation regardless of size.
The overarching goal of Identity Management is to create an easy to use, centralized solution that grants secure access to systems across all corporate networks. That's an idea even a business with two people needs to have a solution for.
By creating traceable and auditable identities for every user, companies of any size can maintain compliance with outside regulators. Once that digital identity has been created, it must be maintained, modified, and monitored throughout the user lifecycle, this process can be laborious with only a few users, without centralized management.
What Are The Steps Of Identity Management?
The IAM process begins with onboarding a new user to your network and providing the appropriate access to company resources.
After onboarding, users can create access requests for additional resources. Access requests from users may be processed or declined.
These changes to a user's rights for applications and network resources will change throughout their lifetime in the network/company, also known as the user lifecycle.
Finally, when a user leaves the network, the offboarding of that user is needed in a timely fashion.
What Do Identity Management Products And Services Do?
IAM systems provide administrators the tools and technologies needed to change a user's role, track user activities, create reports on those activities, and enforce organizational policies on an ongoing basis.
IAM is designed to provide a way of administering user access across an entire organization.
Additionally, IAM is often used to ensure compliance with corporate policies and government regulations.
What Do Identity Management Systems Include?
Identity and management technologies include, but aren't limited to:
- Access Request Capabilities
- Password-Management Tools
- Single Sign-On Tools
- Multi-Factor Authentication
- Provisioning Software
- Access Control Policy Enforcement Applications
- Reporting and Monitoring Applications
- Access Review Processes
- Workflow Builders for Approval Flows
- Identity Repositories.
Identity Management Systems are available in on-premises systems, as well as cloud-based systems.
Rules Based Access