Identity and Access Mgmt

Identity and Access Management is a simple topic, with very complicated answers,  It asks two key questions; Who are you, and what can you access?   To describe this in very basic terms, it is the practice of managing users' electronic identities and the methods by which they can access various resources.

 

As these products have matured and grown, they have extended the core platforms and services to offer stronger forms of authentication, authorization based on risk, and more detailed access definitions.  User provisioning based on roles and relationships has become critical, as well as the ability to virtualize identities.

 

Products that perform Identity and Access Management typically function in four areas; directory services, identity administration, access management, and audit.

 

Directory services are the key building blocks for most identity management platforms. The source of the data, the distribution of that data into the directories that require it, and who holds authority for maintaining the data in the directory are all aspects that must be managed carefully.

 

Identity administration can include user and group management, delegated administration, and approval workflows. Not only should it automate the process of forming, deleting or changing a user identity and associated privileges, there may also be a need for a user to delegate certain of their responsibilities to others in an automated fashion.

 

Access management allows IT professionals to control user access to enterprise resources. While identity administration manages the user identity data, access management is the guard at the door that determines which users may access what information.

 

Audit both related administrative and access activities. Organizations require the ability to demonstrate that account administration and access controls are performing according to policy.

 

Be sure to pilot the processes, not just the technology. Many organizations that have begun identity-management efforts say that business-process issues present bigger hurdles than the technology.  Document, document, document.  In the process of giving access to your resources to individuals, there can be no room for things to fall through the cracks.  Not giving someone all the resources they need to do their job is just plain irritating.  Removing an exiting employee from everywhere but (insert critical component here) could be disastrous.

 

Finally, watch out for industry consolidation.  As the security product space compresses and big names buy the little ones to get into the market or expand their portfolio or improve their technology or even blatantly squash competition, the product you buy today from the "other company" could be part of "the big company" before you know it.

 

Other Information about Identity and Access Management

Swivel Secure Ltd

PINsafe from Swivel Secure allows tokenless two factor and strong authentication without the expense and hassle of carrying around tokens maing it suitable for large scale and corporate through to small deployments. Using a simple PIN extraction proc ...

PINsafe
Tools4ever, Inc.

UMRA is a complete User Management System that simplifies Active Directory Management across all your systems. While managing user account and authorization processes in Active Directory and adjacent systems, UMRA also offers delegation of user account ma ...

UMRA

PixelPin is a B2B2C solution which replaces passwords with pictures. Users choose a picture and click on it in 4 places in sequence to sign in. Key benefits of PixelPin's picture password Simple, quick & easy to use across all platforms On mobile d ...

PistolStar Inc.

PistolStar, Inc. maker of PortalGuard offers an on-premise turnkey user authentication solution-set for companies with external-facing web applications to their employees, contractors, suppliers, and vendors. This all-in-one integrated design includes two ...

PortalGuard
Wave Systems Corp.

Passwords are weak. Tokens are expensive. Don’t compromise on security or price. Wave Virtual Smart Card does anything your physical smart cards and tokens do, but it starts with hardware you already have: the Trusted Platform Module (TPM), a hardware se ...

Wave Virtual Smart Card