Identity And Access Management

IAM is a set of access and identity tools that facilitate digital identities management for businesses IT managers.

Identity Governance (IG)

Identity governance (IG) is a subcategory of identity and access management (IAM) that emerged from the needs of organizations to comply with new regulatory requirements such as the Sarbanes-Oxley Act (SOX) and the Health Insurance Portability and Accountability Act (HIPAA). IG provides organizations with better visibility to identities and access privileges, and better controls to detect and prevent inappropriate access. IG …

Identity as a Service (IDaaS)

Identity as a Service (IDaaS) is cloud-based identity and access management (IAM) service operated by a third-party provider. Using IDaaS, subscribing companies can validate user credentials and provide access to resources and/or relying parties that have a trust relationship with the IDaaS. IDaaS is particularly relevant for enterprises that are ‘all-in’ on cloud services and do not manage their own network …

Security Information and Event Management (SIEM)

Security Information and Event Management (SIEM) is a monitoring system that aggregates data from different security sensitive sources, analyzes the data, presents it and issues alerts when triggering-criteria is met. SIEM data is ingested from different sources, including the network, security controls, servers, databases, applications, etc. The data is analyzed to detect abnormalities that may indicate a problem. Data from different …

Active Directory Certificate Services (AD CS)

Active Directory Certificate Services (AD CS) provides the public key infrastructure (PKI) functionality that underpins identities and other security functionality on the Windows domain (i.e. file encryption, email encryption, and network traffic encryption). It can create, validate and revoke public key certificates for internal uses of an organization. According to Microsoft, AD CS is a “Server Role that allows you to …

Web Authentication (WebAuthn)

Web Authentication, or WebAuthn, is an effort by the World Wide Web Consortium (W3C) to standardize public-key authentication of users to web-based application and services. Contributing to this effort is the FIDO Alliance.   WebAuthn goal is to increase security for the authentication process by removing or complementing password-based authentication on the one hand, while remaining convenient and easy to use …

Identity sprawl (Directory Sprawl)

Identity sprawl refers to a situation where a user’s identity is managed by multiple siloed systems/directories that are not synchronized with each other, resulting in multiple identities for each user. The situation often arises when an application/system is not, or cannot be, integrated with the central directory service of the organization, resulting in the need to manage another set of user …

Identity and Access Management (IAM)

Identity and Access Management (IAM) refers to technology and processes for managing identities and access permissions for users, computing devices, and applications. IAM provides full lifecycle management by providing the means and credentials for identification during the onboarding process, through to authenticating and authorizing access to resources, and all the way to revoking access credentials and identities. IAM solutions can manage …