Identity and access management (IAM) refers to the processes and methodologies used to ensure the right access for the right individuals across an organization's various information sources. The discipline is fast emerging as a critical one on account of the increase in organizations' data security and compliance requirements. It encompasses the set of policies, procedures and tools required to manage individual access rights, authentication and privileges, including cross-border and cross-line-of-business privileges. In simple words, the key objective of this discipline is to ensure the right access for the right people to the right resource at the right time.
Today, with most organizations operating globally across geographies and across political and physical boundaries, compliance and data security measures have grown in prominence. Any breach of confidentiality can have far-reaching ramifications from both brand and legal perspectives. Identity and access management procedures ensure that organizations can put the right access mechanisms in place to prevent unintended exposure of sensitive data, thereby helping them meet rigorous compliance requirements. Further, by establishing guidelines and rules for access at various organizational levels, identity management ensures that each user of the system can access and manage the data that they are authorised to view, thereby imposing stringent monitoring and data protection mechanisms.
Access governance provides the guiding principles that determine who has access to what information in an organization. In an ever-changing IT landscape involving a plethora of distributed technologies, applications residing in the cloud, and private and public networks, it becomes all the more important to set appropriate access levels for each user. In addition to providing the guidelines, access governance also imposes the monitoring mechanisms required to evaluate the access and usage rights of individual users on an ongoing basis and to flag anomalies.
Identity management is a combination of processes and software/database tools that enable the creation and management of individual identities. Most identity management functions rest on a strong foundation of unified personnel data. This database is used to create and manage the privilege rights of personnel based on their roles in the organization. Once an identity is established for an individual, it is modified on an ongoing basis depending on the roles the person takes on in the organization. Various ID management systems and tools enable the administrator to create a user ID, track it on an ongoing basis and make changes as and when required. Periodic audits are mandatory to ensure that the IDs are functioning properly.
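The periodic audit described above can be expressed as a comparison between the unified personnel data, the role definitions and the access actually granted. The following Python sketch is an added example, not taken from any particular IAM product; the role names, entitlement strings and user IDs are constructed sample data.

```python
# Constructed sample data: roles, entitlements and user IDs are hypothetical.
ROLE_ENTITLEMENTS = {
    "accounts_clerk": {"erp:invoice_read", "erp:invoice_create"},
    "finance_manager": {"erp:invoice_read", "erp:invoice_approve", "erp:report_view"},
}
# Unified personnel data: user ID -> (current role, still active?)
PERSONNEL = {
    "asmith": ("finance_manager", True),   # promoted from accounts_clerk
    "bjones": ("accounts_clerk", True),
    "cwu": ("accounts_clerk", False),      # has left the organization
}
# Entitlements actually granted in the target systems.
ACCOUNTS = {
    "asmith": {"erp:invoice_read", "erp:invoice_approve",
               "erp:report_view", "erp:invoice_create"},
    "bjones": {"erp:invoice_read"},
    "cwu": {"erp:invoice_read", "erp:invoice_create"},
    "svc_legacy": {"erp:report_view"},     # no matching personnel record
}

def audit_access(personnel, role_entitlements, accounts):
    """Return (user, finding, entitlements) tuples for every anomaly."""
    findings = []
    for user in sorted(accounts):
        granted = accounts[user]
        record = personnel.get(user)
        if record is None:
            # An ID that maps to no known person cannot be certified by anyone.
            findings.append((user, "orphaned_account", sorted(granted)))
            continue
        role, active = record
        if not active:
            # Access outlived the identity: a deprovisioning failure.
            findings.append((user, "inactive_identity_has_access", sorted(granted)))
            continue
        expected = role_entitlements.get(role, set())
        if granted - expected:
            # Rights kept from an earlier role (privilege creep).
            findings.append((user, "excess_entitlement", sorted(granted - expected)))
        if expected - granted:
            findings.append((user, "missing_entitlement", sorted(expected - granted)))
    return findings

if __name__ == "__main__":
    for user, kind, items in audit_access(PERSONNEL, ROLE_ENTITLEMENTS, ACCOUNTS):
        print(f"{user:12} {kind:30} {', '.join(items)}")
```

In the sample data the excess entitlement on asmith also lets one person both create and approve invoices, which is the kind of anomaly an access review is meant to surface.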
Tools that enable the administrator to manage identities include password management, reporting and monitoring systems, provisioning software and signature management. Several organizations have gone a step further and introduced smart card and biometric access mechanisms that incorporate the individual's identity data.
Identity management has also been taken to the next level, wherein the same identity is managed across the wide range of devices that an individual carries into the work environment. Because a single identity is created and access rights are imposed on it, the access rights and criteria remain the same no matter which device the user logs in from, based on the single central identity management system.
Some of the components of the IAM reference architecture that help manage identities are Federated Single Sign On, Identity Audit, Access Certification, Single Sign On, Privileged User Management, Privileged Identity Management, Access Management, Entitlement Management, Strong Authentication, Role Based Provisioning, and Role Management & Role Mining.