Identity and Access MgmtRSS

Identity and Access Management is a simple topic, with very complicated answers,  It asks two key questions; Who are you, and what can you access?   To describe this in very basic terms, it is the practice of managing users' electronic identities and the methods by which they can access various resources.

 

As these products have matured and grown, they have extended the core platforms and services to offer stronger forms of authentication, authorization based on risk, and more detailed access definitions.  User provisioning based on roles and relationships has become critical, as well as the ability to virtualize identities.

 

Products that perform Identity and Access Management typically function in four areas; directory services, identity administration, access management, and audit.

 

Directory services are the key building blocks for most identity management platforms. The source of the data, the distribution of that data into the directories that require it, and who holds authority for maintaining the data in the directory are all aspects that must be managed carefully.

 

Identity administration can include user and group management, delegated administration, and approval workflows. Not only should it automate the process of forming, deleting or changing a user identity and associated privileges, there may also be a need for a user to delegate certain of their responsibilities to others in an automated fashion.

 

Access management allows IT professionals to control user access to enterprise resources. While identity administration manages the user identity data, access management is the guard at the door that determines which users may access what information.

 

Audit both related administrative and access activities. Organizations require the ability to demonstrate that account administration and access controls are performing according to policy.

 

Be sure to pilot the processes, not just the technology. Many organizations that have begun identity-management efforts say that business-process issues present bigger hurdles than the technology.  Document, document, document.  In the process of giving access to your resources to individuals, there can be no room for things to fall through the cracks.  Not giving someone all the resources they need to do their job is just plain irritating.  Removing an exiting employee from everywhere but (insert critical component here) could be disastrous.

 

Finally, watch out for industry consolidation.  As the security product space compresses and big names buy the little ones to get into the market or expand their portfolio or improve their technology or even blatantly squash competition, the product you buy today from the "other company" could be part of "the big company" before you know it.

 

Other Information about Identity and Access Management

EMC Corporation
Commercial
Pricing Model

Provides secure user access with self-contained two-factor authentication security tokens. The authentication process combines time, an algorithm and a unique identifier. You can enable multiple uses for key fob or card tokens. They can be set up to handl ...

Modified
RSA SecurID Hardware Authenticator
EMC Corporation
Commercial
Pricing Model

RSA SecurID Software Authenticator protects mobile users within your organisation with security tokens for their smartphones, tablets and PCs. It uses software tokens to secure access from popular mobile platforms, including iOS (iPhone, iPad), Android, B ...

Modified
RSA SecurID Software Authenticator
PistolStar Inc.
Service
Pricing Model

PistolStar, Inc. maker of PortalGuard offers an on-premise turnkey user authentication solution-set for companies with external-facing web applications to their employees, contractors, suppliers, and vendors. This all-in-one integrated design includes two ...

Modified
PortalGuard
Wave Systems Corp.
Commercial
Pricing Model

Wave Virtual Smart Card (VSC) uses secure hardware that already ships standard on most business-class laptops and tablets today: the Trusted Platform Module, or TPM, a hardware security chip developed by the Trusted Computing Group. Because TPM is an int ...

Modified
Wave Virtual Smart Card

OpenAthens LA (Local Authentication) is a locally installed identity and access management system that links to your internal user directory, providing your users with single sign-on (SSO) access to both internal and external web-based resources.OpenAthen ...

Modified
OpenAthens for IT teams

OpenAthens SP (Service Provider) standards-compliant access management solution enables you to support multiple access management federations and keep up to date with the latest standards and protocols as new technologies emerge. OpenAthens SP's simplicit ...

Modified
OpenAthens for Publishers

The OpenAthens Federation gives subscribing organisations (identity providers) and publishers (service providers) a framework to support information exchange using Shibboleth and SAML. Membership of the OpenAthens Federation includes a licence for use of ...

Modified
OpenAthens Federation

OpenAthens MD is a completely hosted solution that will enable your organisation to securely and effectively manage your users’ access to web-based resources, allowing access to services outside or within federations such as the UK Access Management Feder ...

Modified
Design Simulation Systems
Limited Free Trial
Pricing Model

A two-factor authentication , authorisation and access,  Identity as a Service system, with inherent single sign-on capability. Passwords and other data-at-rest information is protected by virtual encryption keys, known only to the system, and otherwise i ...

Modified
DSS Enterprise

© Computer Network Defence Limited 2021