CyberArk Glossary >

What is Identity and Access Management (IAM)?

IT and security organizations use Identity and Access Management (IAM) solutions to administer user identities and control access to enterprise resources. IAM solutions ensure the right individuals have access to the right IT resources, for the right reasons, at the right time. They are a fundamental component of a defense-in-depth security strategy and are critical for defending IT systems against cyberattacks and data loss.

Key IAM features:

  • Single Sign-On – Most IAM solutions support Single Sign-On (SSO) functionality that lets users access all their business applications and services using one set of login credentials. SSO improves user satisfaction by eliminating password fatigue. It streamlines IT operations by centralizing and unifying administrative functions. And it strengthens security by eliminating risky password management practices, reducing attack surfaces, and security gaps.
  • Adaptive Multi-Factor Authentication – Most IAM solutions provide Adaptive Multi-Factor Authentication (MFA) functionality to protect against impersonation and credential theft. With MFA, a user must present multiple forms of evidence to gain access to a system, for example, a password or fingerprint and an SMS code. Modern MFA solutions support adaptive authentication methods, using contextual information (location, time-of-day, IP address, device type, etc.) and administratively defined policies to determine which authentication factors to apply to a particular user in a specific situation.
  • User provisioning and lifecycle management – Most IAM solutions provide administrative tools for onboarding and Lifecycle Management to managing user’s access privileges throughout their course of employment. They provide self-serve portals that let users request access rights and update account information without help desk intervention. And they provide monitoring and reporting capabilities to help corporate IT and security teams support compliance audits and forensics investigations.

Identity as a Service Solutions Deliver Cloud Economics and Agility

Historically, most businesses used on-premises IAM solutions to manage user identities and access privileges. Today, many organizations use Identity as a Service (IDaaS) offerings to simplify operations, accelerate time-to-value, and support digital transformation initiatives. An IDaaS offering is an IAM solution delivered as a cloud-based service, hosted and managed by a trusted third party.

IDaaS solutions combine all the functions and benefits of an enterprise-class Identity and Access Management solution with all the economic and operational advantages of a cloud-based service. They help businesses reduce risk, avoid IT infrastructure cost and complexity, and accelerate digital transformation.

IDaaS offerings are ideal for the cloud-first, mobile-first model of IT. They provide centralized, cloud-based identity management and access controls for SaaS solutions and enterprise applications running in public or private clouds. They support identity federation standards like SAML, Oauth, and OpenID Connect that let users access all their applications with one set of credentials. And they make it easy for enterprises to extend access to suppliers, business partners, and contract workers.

Businesses can also use IDaaS solutions to provide remote access to traditional enterprise applications hosted in corporate data centers. Leading IDaaS solutions support app gateways that allow remote workers to securely access conventional enterprise applications without special-purpose VPN appliances or special endpoint client software.

IDaaS solutions help businesses:

  • Eliminate cost and complexity – IDaaS solutions help businesses avoid capital equipment expenses, simplify IT operations, and free up IT staff to focus on core business initiatives.
  • Accelerate time-to-value – Businesses can deploy IDaaS solutions quickly and easily, with little or no on-premises technology to deploy, configure, or maintain.
  • Reduce risks – IDaaS solutions strengthen security by eliminating risky password management practices and by reducing vulnerabilities and attack surfaces.
  • Improve user experiences – IDaaS offerings improve user satisfaction by eliminating password fatigue and allowing users to access all their applications in a consistent manner, using a single set of credentials

Learn More About Identity and Access Management (IAM)

 

 

其他詞匯