Identity access management

Identity Access Management (IAM) encapsulates people, processes and products to identify and manage the data used in an information system to authenticate users and grant or deny access rights to data and system resources. The goal of IAM is to provide appropriate access to enterprise resources.

The ability of an organization to rapidly search, identify and verify who is accessing the systems is a critical aspect of meeting security and compliance requirements for the organization. Implementing IAM models for a small business group and incrementally covering every part of the organization can reap benefits monetarily and security wise.

IAM comprises four main components namely, Authentication, Authorization, User Management and Central User Repository. Its goal is to provide the right access to the right people in order to protect information sources.

This area covers authentication and session management within user applications. Userid/password authentication is the most common approach to providing access control and information privacy to user and enterprise information. Implementing IAM helps manage different sessions of the users from centralized locations.

Authorization determines whether the user has the required permission or access right to a particular resource. IAM checks the user access request against authorization policies of the organization. It is at this point that organizations can implement role-based access controls. Authorization includes user attributes, groups to which the user belongs, access channels, data resources that can be accessed, and perhaps more complex access criteria, such as time-based access or complex business rules that determine dynamic permissions granted to the user.

IAM defines rules for administrative functions like password resetting, identity creation, propagation, and user identity and privileges management. This module also manages the entire user life-cycle right from identity creation to final de-provisioning from accounts database. It is necessary to install an integrated workflow system that can take care of user management activities.

By implementing IAM systems the organization can store and deliver identity information from a single authoritative source to other IT services and can provide verification on demand. This module presents a logical view of existing identities and their relationships to various other systems. These repositories can be physical or virtually maintained depending on the growing volume of identities.

Business value improves when the organization is able to appropriately protect its information assets. IAM provides the kind of reliability and accessibility to user access control that is imperative to most e-business sites these days. Industries that can benefit from IAM include online banking, service delivery and retail sites.

IAM provides the ability to open up only select subsets of the organization’s information sites to customers, vendors, partners providing effective information exchange that can be adapted to a particular user group. IAM can enable new users, employees or contractors to gain necessary information from applications so that they can be productive and at the same time allow the organization to keep a check on the access rights as their roles require.

IAM requires that every business owner, employee, executive and business group work towards setting up a secure and reliable and readily available work environment.

• Phased approach to providing access controls help you identify loop holes in control points • Enhances business value by improving security • Improves compliance with various industry regulations and creates opportunities for new business initiatives • Reduces overall effort of IT administration • Improved employee productivity • More effective customer support • Eases IT management in large organizations and can enhance overall ROI for business • Provides scalable approach that enables IT expansion in growing organizations

• Identity Access Management