Beginner’s Guide to Identity and Access Management
Organizations around the world must ensure employees, customers and business partners all have appropriate, secure access to information and technology resources. Identity and access management solutions overcome the challenges of security of enterprise IT.
Before moving to heavy concepts on the security of IT systems, let me explain the foundation of secure access to the IT resources, Identity and Access Management(IAM) by dividing it into some questions.
What is identity??
Identity is a factor that can be used to recognize a person or a thing. We can use the name as the identity of someone. But there could be many people with the same name within a specific domain(school, company, organization…).
For security purposes, we might need a more specific way to uniquely identify a person or a thing. Solution — -> Authentication
What is authentication???
Authentication is the process of uniquely identifying a person or a device. When a user attempts to access a system or data, first he or she should claim the identity, typically by entering username and password into the system. The following three factors can be used for the authentication process.
-Something you know (such as a password, PIN)
-Something you have (such as a smart card, ID card)
-Something you are (such as a fingerprint or other bio-metric method)
What is Authorization???
Authorization is the process of giving someone permission to do or to have something. In multi-user computer systems, a system administrator defines for the system in which users are allowed access to the system and what privileges of use (such as access to which file directories, hours of access, amount of allocated storage space, and so forth).
Now that you have the basic idea to understand the what is IAM. Let’s move on to the definition of Identity and Access management(IAM).
What is IAM?
Identity Access Management is a security discipline that manages identity and access privileges for a physical or virtual resource. IAM ensures that the user’s identity (authentication) and that they can access the applications and resources which they have permission to use (authorization).
Why we need IAM?
To clearly understand the importance of IAM, first, we look at how a traditional organization infrastructure manages identities and access privileges.
According to the traditional access management approach, every application in an organization manages the user’s identity and access privileges separately.
Let’s understand the issues of this approach using a simple scenario.
Emma wants to access three web applications in ABC organization according to her requirements. But she has to create accounts for every application with different usernames and passwords.
If Emma wants to access multiple applications within the same organization and then She has to create an account and maintain credentials for every application. In that case, She’d probably either use the same password or create simple passwords for every application(data breaching) which means she has to remember each login credential(bad user experience). By the organization side, they also have to face issues such as less agile, low productivity and high IT costs, etc.
That’s where identity and access management solutions become more prevalent and critical in IT industry. IAM solves all problems in the traditional approach and provides more features to increase security. Let’s see main concepts of IAM briefly.
Main concepts of IAM???
1)Centralized Access Management-Handling user authentication and account management at a central system
2)User Provisioning-Creating and managing user accounts/identity information within the system
3)Single Sign-On (SSO)-Authenticating users once and allowing access to other associated applications
4)Multi-Factor Authentication-Authenticating users by challenging with multiple authentication factors, e.g., password, SMS, and fingerprint
5)Adaptive Authentication-Authenticating users by challenging with multiple authentication steps based on the users’ risk profile
6)Identity Federation-Authenticating users existing in an external identity provider
Are you searching for a high secure IAM solution? WSO2 Identity Server is the best open source IAM solution that provides the best features to ensure security in enterprise IT. You found the best solution:)
Thank you for reading my first-ever blog and hope you understand the basic idea of identity and access management. I’ll explain the main concepts of IAM and how IAM ensures the security of IT systems in my next blog. Any clarifications or suggestions for improvements are welcome :)
- WSO2 documentations