Identity and Access Management (IAM) is a generic term for an organization's internal processes for administering and managing user accounts and corporate network resources, including access rights for organizations. users to applications and systems. The integration of an identity management will help formalize and automate the process of empowering people. This objective must necessarily go through a stage of mapping the rights of users and the qualification of these rights. Before reaching a map with a single repository of users and resources, it will be more practical to map the existing, analyze and develop it.
For security reasons, identity and access management tools should work as an application on a dedicated server or appliance, internally or in cloud mode. At its core, this identity management system embodies the policies defining what terminals and users are allowed to do on the network, as well as what a user is entitled to perform depending on the terminal that he uses, from its location, and other factors. All this also depends on the features provided by the administrative console: definition of strategic, reporting, alerts, alarms, and other common requirements, administrative or operational.
For example, an alarm may be triggered when a user tries to access resources for which he has no authorization. In order to protect the access to the resources of an IS, the first concern of a system administrator is to be able to easily create and manage new accounts with the appropriate authorizations.
Different strategies exist for this. Some do this indirectly by assigning entitlements to roles rather than entities. For some particularly sensitive services, an administrator must also be able to require a more rigorous authentication procedure. The system administrator must finally ensure the security and integrity of the authentication data to prevent identity theft. A unique attribute differentiates us from other online users. It can be an e-mail address, a phone number or social security. We receive attributes from our employers: our function, the department or division to which we belong, the roles we play in projects or in the corporate hierarchy.
The attributes that relate to our private and professional lives are not the same and change over time when we take on a new job, we move, we get married, and so on. The benefits of implementing an IAM solution include any time savings in administration, better security through finer control of application access rights and the life cycle of accounts. integration of authentication solutions that will facilitate the integration or updating of the rights of each user. The implementation of such a solution requires to set access rights and identify each user.