What is Identity and Access Management?

Identity and Access Management (IAM) is an umbrella term for processes within an organization that focus on administering and managing users and resources in the network including the access of users to applications and systems.

Identity and Access Management includes functionality to manage the identity of a user in the network. These are primarily for authenticating the user in the network and accessing the rights that this user in the network, the so-called authorization.

IAM Authentication

With regard to Identity the end user must prove that they are who they says they are. The most common mechanism is by being able to remember a username and password combination. Other mechanism (forms authentication) is the combination of 'remembering something' with having something physical. For example, a key card, mobile phone, token, fingerprint, etc. The latter are often called strong forms of authentication or two-factor Authentication.

IAM Authorization

In addition to the authentication, authorization plays a strong role in Identity and Access Management. The authorization determines which items (resources) a user can access in the network. These resources include: systems, applications, printers, shares, etc. Where the authentication is fairly simple, the authorization is often a complex set of rules. Depending on the position that a person has in an organization the access privileges vary on the network.