Identity and Access MgmtRSS

Identity and Access Management is a simple topic, with very complicated answers,  It asks two key questions; Who are you, and what can you access?   To describe this in very basic terms, it is the practice of managing users' electronic identities and the methods by which they can access various resources.

 

As these products have matured and grown, they have extended the core platforms and services to offer stronger forms of authentication, authorization based on risk, and more detailed access definitions.  User provisioning based on roles and relationships has become critical, as well as the ability to virtualize identities.

 

Products that perform Identity and Access Management typically function in four areas; directory services, identity administration, access management, and audit.

 

Directory services are the key building blocks for most identity management platforms. The source of the data, the distribution of that data into the directories that require it, and who holds authority for maintaining the data in the directory are all aspects that must be managed carefully.

 

Identity administration can include user and group management, delegated administration, and approval workflows. Not only should it automate the process of forming, deleting or changing a user identity and associated privileges, there may also be a need for a user to delegate certain of their responsibilities to others in an automated fashion.

 

Access management allows IT professionals to control user access to enterprise resources. While identity administration manages the user identity data, access management is the guard at the door that determines which users may access what information.

 

Audit both related administrative and access activities. Organizations require the ability to demonstrate that account administration and access controls are performing according to policy.

 

Be sure to pilot the processes, not just the technology. Many organizations that have begun identity-management efforts say that business-process issues present bigger hurdles than the technology.  Document, document, document.  In the process of giving access to your resources to individuals, there can be no room for things to fall through the cracks.  Not giving someone all the resources they need to do their job is just plain irritating.  Removing an exiting employee from everywhere but (insert critical component here) could be disastrous.

 

Finally, watch out for industry consolidation.  As the security product space compresses and big names buy the little ones to get into the market or expand their portfolio or improve their technology or even blatantly squash competition, the product you buy today from the "other company" could be part of "the big company" before you know it.

 

Other Information about Identity and Access Management

The Dot Net Factory
Commercial
Pricing Model

An automated and centralized identity management platform is the only viable means for delivering consistent service and maintaining control over application security. As the only Identity Lifecycle Management solution built on a platform that incorporate ...

Modified
EmpowerID
Commercial
Pricing Model

The Windows Identity Foundation helps simplify user access for developers by externalizing user access from applications via claims and reducing development effort with pre-built security logic and integrated .NET tools.

Modified
Windows Identity Foundation
Commercial
Pricing Model

DirX Identity offers an extensive identity management solution for enterprises and organizations. It gives the right people the right access to the right resources at the right time and thus leads to productivity, information security, a perceptible reduc ...

Modified
NMI (NSF Middleware Initiative)
Open Source
Pricing Model

The primary goal of the NMI-EDIT Consortium, part of the NSF Middleware Initiative (NMI), is to improve the productivity of the research and education community through development, testing, and dissemination of architectures, software, and practices ...

Modified
nmi-edit
Commercial
Pricing Model

Add deep context, intelligence and security to decisions about which users should have access to your organization’s data and applications, on-premises or in the cloud. Modernized, modular IBM Security Verify solution provides deep, AI-powered context fo ...

Modified
IBM Security Verify
Freeware
Pricing Model

Oracle Directory Server Enterprise Edition (formerly SUN Directory Server Enterprise Edition) is the best known directory server with proven large deployments in carrier and enterprise environments. It is also the most supported directory by ISVs, so it ...

Modified
Commercial
Pricing Model

Oracle Identity Analytics provides enterprises with the ability to define and manage roles and automate critical identity-based controls. Once roles are defined, certified, and assigned, the software continues to deliver scalable and sustainable identity ...

Modified
Oracle Identity Analytics
Core Security
Commercial
Pricing Model

Access Assurance Suite is an intelligent identity and access management (IAM) software solution that enables organizations to deliver informed provisioning, meet ongoing regulatory compliance, and leverage actionable analytics for improved identity govern ...

Modified
Access Assurance Suite
CyberArk Software
Commercial
Pricing Model

Protect, monitor and control privileged access, with on-site deployment. Deploy in your datacenter, private or public cloud, to meet regulatory compliance or organizational needs Confidently migrate to SaaS with the backing of CyberArk’s proven expertis ...

Modified
Privileged Access Manager
Commercial
Pricing Model

DirX Audit provides a platform for the central collection, normalization, storage, and analysis of audit trails from different audit sources. Auditors can use DirX Audit's web-based user interface to analyze and correlate the audit logs in the central ...

Modified
Commercial
Pricing Model

DirX Directory enables the secure storage of unambiguous digital identities and is designed to handle a potentially very large number of users. Other data, such as the public keys for a public key infrastructure, can also be stored and managed reliably ...

Modified
Commercial
Pricing Model

DirX Access is a comprehensive access management and identity federation solution for protecting Web services and Web applications against unauthorized access. User access is controlled and enforced on the basis of central role-based security policies ...

Modified
Commercial
Pricing Model

Oracle Unified Directory is an all-in-one directory solution with storage, proxy, synchronization and virtualization capabilities. While unifying the approach, it provides all the services required for high-performance Enterprise and carrier-grade environ ...

Modified
Oracle Unified Directory
Commercial
Pricing Model

Oracle identity and access management solutions secure access to enterprise applications for both cloud and on-premises deployments. Flexible protection for your workloads Oracle Identity and Access Management solutions provide deployment options to pro ...

Modified
Oracle Identity and Access Management
Oracle
Commercial
Pricing Model

Oracle Access Manager allows users of your applications or IT systems to log in once and gain access to a broad range of IT resources. Oracle Access Manager provides an identity management and access control system that is shared by all your applications. ...

ModifiedNever
Commercial
Pricing Model

Oracle Identity Federation (OIF) is a complete, enterprise-level solution for secure identity information exchange between partners. OIF reduces account management for partner identities and lowers the cost of integrations through support of industry fede ...

Modified
Oracle Identity Federation
Hitachi ID Systems, Inc.
Commercial
Pricing Model

Hitachi ID Bravura Pass is an integrated solution for managing credentials across systems and applications. It simplifies the management of passwords, tokens, smart cards, security questions and biometrics. Bravura Pass lowers IT support cost and imp ...

Modified
Hitachi ID Bravura Pass
Hitachi ID Systems, Inc.
Commercial
Pricing Model

Hitachi ID Bravura Identity is an integrated solution for managing identities, groups and security entitlements across systems and applications. It ensures that users are granted access quickly, that entitlements are appropriate to business need and that ...

Modified
Hitachi ID Bravura Identity
Hitachi ID Systems, Inc.
Commercial
Pricing Model

Hitachi ID Bravura Privilege secures access to elevated privileges. It eliminates shared and static passwords to privileged accounts. It enforces strong authentication and reliable authorization prior to granting access. User access is logged, creating st ...

Modified
Hitachi ID Bravura Privilege
Hitachi ID Systems, Inc.
Commercial
Pricing Model

Bravura Identity is an integrated solution for managing identities, groups and security entitlements across systems and applications. It ensures that users are granted access quickly, that entitlements are appropriate to business need and that access is r ...

Modified
Bravura Identity