Home / Identity and Access Management

Identity and Access Management

Share on Facebook Share on Twitter Share on LinkedIn

Identity and access management " IAM " is responsible for the administration of users and their access rights within the " commercial " network. With this management, the company maintains control over which users log in and make edits in systems, applications, databases, etc. Users can vary from employees to customers or suppliers.

IAM practical implementation

Identity and access management deals with the registration of user access rights and determines what operations they can perform. In order to do all this, technical solutions are needed. The IAM is present, to some extent, generally in an ERP system as one of its functionalities, in a document management system or in the Human Resources system. However, you may need additional security. If so, it might be interesting to add an identity and access management system that links to existing packages or databases. An example of an IAM system is Azure, which works with cloud systems.

How does identity and access management software work?

IAM systems have two functions. The first, verify the identity of those who want to log in. And the second, determine what authorizations the user has. Both functions can be performed in different ways.

Verify identity

The first thing that's done in identity and access management is to find out who starts in the system or in the database. The simplest way to confirm identity is by combining username and password. To do it in a more advanced way it's done with the authentication of multiple factors, it can be a code that's sent to the user to the mobile, a fingerprint, a key card, etc.

Check authorization level

After the identification of the user is confirmed, the next step of the IAM system is to manage access. Thanks to this, the user acquires personalized access based on a complex set of authorization rules that are stored in the system. The adjustments depend on each company, but generally what they take into consideration is the function, their position or authority and the competence of the employee. In the case of customers " B2B ", the possibility of logging into, for example, a web store, the location can be very important. A case may be that of an American customer who is denied access to a French web store.

The access control can, for example, start with the choice of which " groups of " employees will be limited users and who, full users in the enterprise system. This can already make a difference in access control, as some employees can only check the system and others also have permission to edit. Another example of access control is restrictions on certain parts within the system. In this way, the chief executives and the Human Resources director can enter the personnel report, while other users don't have access to this section.

Immediate access to different systems

There are certain cases in which it's useful that, through a single login, employees can access different systems or applications. The only authentication, or Single Sign-On " SSO " allows access with a single login. For example, with a single authentication, an employee can access both the customer database and market research data. However, this type of authentication doesn't mean that the user receives a full access authorization on all applications or information within a company. The IAM software regulates the established authorization rules and provides access based on individual identification.

From IAM to IGA

IGA or Identity Governance and Administration is basically a new name for Identity and Access Management. However, the name change comes due to a new way of acting in which the focus changes, emphasizing the company's policy. Originally, the user was created and then granted access authorizations. Now this process is reversed. First, IGA analyzes the policy for which information or systems are opened.

The IGA approach may seem to be a minor or irrelevant adjustment, but it often means a world of difference for companies. Companies are increasingly expected to represent processing activities. The IGA management system helps companies meet the growing audit and compliance requirements. In the context of the General Data Protection Regulation, in particular, it's essential that companies can demonstrate who can see and edit each information, and be able to justify why it provides them.

See also:
Back to top

Home | About Us | Contact | Privacy Policy | Terms of Use

Copyright 2011 - 2019 - All Rights Reserved