Scenario: Understanding Identity and Access Management - 70129

Report Details

In this second document from our series outlining KuppingerCole’s basic positions on key issues sur-rounding Digital Identity, Security and Infrastructure Management, we will explore the cornerstones of Identity & Access Management, which is mostly known by its abbreviation “IAM”, along with current trends and ramifications for corporate IT systems.

IAM is primarily seen as a set of technologies which govern and regulate who is allowed access to which information stored or being processed within IT environments. Unfortunately, taking such a narrow technology-focused view deflects from the real value of IAM as a facilitator for creating business processes that are both more secure and more efficient than ever before. We see IAM as the key to unlocking IT’s true potential as a business enabler. In fact, in discussions within KuppingerCole, we often refer to “management by identity” instead of the classic “identity management”.
 
To really grasp the importance of IAM for a modern organization, it is necessary to take a holistic view, one that takes into account not only the technology itself, but also the business processes and the organizational structures it impacts. All of this ties into the Big Picture of Information Security, namely how to maintain the confidentiality, integrity and availability of data. It is about how to protect both the information and the information systems from attacks from without and within, for instance through unauthorized use, disclosure, modification, or destruction. It is also about being able to provide proof that none of these things have happened, either to internal auditors or to regulators or law enforcement authorities. Unlike such related fields as Computer Security and Information Assurance, Information Security is more about risk management, process control and business continuity and less about specific technical solutions. Information Security is about typing people, processes, and information. For this reason, we believe that IAM should be an important item of the agenda of top management within every organization since it affects strategy decisions. In short, leave the technical details to the experts, but make sure they know what is expected from them.

Which is not to say that technology is not an important issue; in fact reaching the goals set out in your IAM strategy will inevitably call for orchestrating a set of technologies, ranging from basic directories to specialized solutions for securing applications and databases. IT’s job is to bring all this together in a way that both protects and enables business.

IAM consists of building blocks, and in reality most organizations will not need all of them. In order to make informed decisions about which technologies are needed, KuppingerCole recommends following standard, tried-and-proven architectural approaches. Classically, this means either starting out by identifying use cases and taking a line from there, or alternatively asking the business units what they need and creating the appropriate business services, tweaking and fine-tuning them until they do the job they were requested for consistently, efficiently and at lowest possible cost.

You can get access to this document for free, if you register for KuppingerCole Select access now.

Date Title Price
Oct 06, 2011

Scenario: Understanding Identity and Access Management - 70129

In this second document from our series outlining KuppingerCole’s basic positions on key issues sur-rounding Digital Identity, Security and Infrastructure Management, we will explore the cornerstones of Identity & Access Management, which is mostly known by its abbreviation…

€995.00
excl. VAT
Get Access
Mastercard Visa American Express PayPal INVOICE

Latest Related Reports

Leadership Compass

Leadership Compass: IDaaS Access Management - 79016

A fast-growing market, IDaaS AM is largely characterized by cloud-based delivery of access management capabilities for business irrespective of the application and service delivery models. Improved time-to-value proposition prioritizes adoption of IDaaS for B2B, B2E and B2C access…

Leadership Brief

Leadership Brief: Access Reviews Done Right - 80195

Access reviews are considered important risk management controls in many organizations. They are intended to ensure that each user, process and system has always  only the minimum amount of access rights, which are necessary to perform associated tasks. In light of compliance,…

Executive View

Executive View: TrustBuilder Identity Hub - 80071

TrustBuilder Identity Hub is the Identity and Acess Management (IAM) platform from TrustBuilder that enables a context-aware and policy-driven approach to deliver a secure and seamless application integration. Targetted mostly at B2B and B2E use-case requirements, TrustBuilder is building…

Whitepaper

Whitepaper: IAM for Healthcare: It’s time to act - 80029

Healthcare organizations deal with highly sensitive information. They face challenges in complying with ever-tightening regulations, combating ever-increasing cyber risks, and adapting to Digital Transformation. Comprehensive healthcare IAM, beyond pure SSO, helps Healthcare organizations…

Whitepaper

Whitepaper: ForgeRock Identity Platform for PSD2 & API Security - 80049

The Revised Payment Service Directive (PSD2) promises to make the European Union (EU) cross-border transactions further transparent, faster and more secure while increasing competition and choice for consumers. To do so, Banks and other financial service providers must quickly make the…

Executive View

Executive View: WSO2 Identity Server - 80060

Identity Management solutions need to address the growing number of identities associated with applications and endpoints, as well as the ability to integrate with the diversity of application and service APIs. WSO2 Identity Server provides a comprehensive and flexible solution for the…

Executive View

Executive View: CyberArk Privileged Session Manager for Web - 79034

Securing and monitoring privileged access to cloud environments is a crucial security requirement, more so because privileged accounts are powerful, shared in nature and generally accessible from outside the organization. IAM leaders responsible for privileged access management (PAM) must…

Leadership Compass

Leadership Compass: Privileged Access Management - 79014

Privileged Access Management (PAM), over the last few years, has evolved into a set of crucial technologies that addresses some of the most urgent areas of Cybersecurity today. Continuing the growth trajectory, the PAM market has entered a phase of consolidation characterized by increased…

Executive View

Executive View: Ilantus Compact Identity - 80052

IDaaS is fast becoming the new face of Identity and Access Management (IAM) with several vendors now delivering cloud-based IAM services to support the whopping cloud uptake by the business. Ilantus Compact Identity is an entry level enterprise IDaaS offering targeted at SMB customers to…

Leadership Compass

Leadership Compass: Access Management and Federation - 71147

This Leadership Compass provides insights to the leaders in innovation, product features, and market reach for Web Access Management and Identity Federation on-premises platforms. Your compass for finding the right path in the market.

Discover KuppingerCole

KuppingerCole Select

Register now for KuppingerCole Select and get your free 30-day access to a great selection of KuppingerCole research materials and to live trainings.

Blog

Blog

Don’t Blame the Cloud for Capital One’s Troubles

After the recent Capital One breach, some commentators have suggested that cloud security is fundamentally flawed. Like many organizations today, Capital One uses Amazon Web Services (AWS) to store data, and it was this that was targeted and successfully stolen. In the case of Capital One it was process, not technology, that failed. The company failed on three points to secure its data properly using the extended tool sets that AWS provides. It relied only on the default encryption settings in [...]

Latest Insights

Hot Topics

Spotlight

AI for the Future of your Business Learn more

AI for the Future of your Business

AI for the Future of your Business: Effective, Safe, Secure & Ethical Everything we admire, love, need to survive, and that brings us further in creating a better future with a human face is and will be a result of intelligence. Synthesizing and amplifying our human intelligence have therefore the potential of leading us into a new era of prosperity like we have not seen before, if we succeed keeping AI Safe, Secure and Ethical. Since the very beginning of industrialization, and even before, we have been striving at structuring our work in a way that it becomes accessible for [...]

Become a Client

Learn more about becoming a Client

Contact Us

Call Us

+49 211 2370770
Mo - Fr 8:00 - 17:00