Identity & Access Management (IAM)

  • IAM: Framework of technologies, policies, and processes to ensure the right people/systems have proper access at the right time.
  • Core Components: Identity management, authentication, authorization, SSO, MFA, PAM, audit & compliance.
  • Identity Management: Creates, stores, and manages digital identities; covers provisioning, de-provisioning, and lifecycle management.
  • Authentication: Verifies identity via passwords, MFA, biometrics, or single sign-on.
  • Authorization (Access Control): Determines resource access using RBAC, ABAC, or PBAC models.
  • Privileged Access Management (PAM): Restricts and monitors high-level accounts (admins, root users).
  • Benefits: Improves security, enhances user experience, ensures regulatory compliance, increases operational efficiency, enables Zero Trust.
  • Use Cases: Controlling cloud app access, MFA for remote workers, automated onboarding/offboarding, limiting vendor access, securing privileged accounts.
  • Leading Solutions: Okta, Microsoft Entra ID (Azure AD), Ping Identity, IBM Security Verify, CyberArk, Duo Security, ForgeRock.
  • IAM in Security Stack: First line of defense; integrates with DLP, EDR/NDR, SIEM/SOAR to prevent unauthorized access and detect threats.