Scenario: Understanding Identity and Access Management - 70129

Report Details

In this second document from our series outlining KuppingerCole’s basic positions on key issues sur-rounding Digital Identity, Security and Infrastructure Management, we will explore the cornerstones of Identity & Access Management, which is mostly known by its abbreviation “IAM”, along with current trends and ramifications for corporate IT systems.

IAM is primarily seen as a set of technologies which govern and regulate who is allowed access to which information stored or being processed within IT environments. Unfortunately, taking such a narrow technology-focused view deflects from the real value of IAM as a facilitator for creating business processes that are both more secure and more efficient than ever before. We see IAM as the key to unlocking IT’s true potential as a business enabler. In fact, in discussions within KuppingerCole, we often refer to “management by identity” instead of the classic “identity management”.
 
To really grasp the importance of IAM for a modern organization, it is necessary to take a holistic view, one that takes into account not only the technology itself, but also the business processes and the organizational structures it impacts. All of this ties into the Big Picture of Information Security, namely how to maintain the confidentiality, integrity and availability of data. It is about how to protect both the information and the information systems from attacks from without and within, for instance through unauthorized use, disclosure, modification, or destruction. It is also about being able to provide proof that none of these things have happened, either to internal auditors or to regulators or law enforcement authorities. Unlike such related fields as Computer Security and Information Assurance, Information Security is more about risk management, process control and business continuity and less about specific technical solutions. Information Security is about typing people, processes, and information. For this reason, we believe that IAM should be an important item of the agenda of top management within every organization since it affects strategy decisions. In short, leave the technical details to the experts, but make sure they know what is expected from them.

Which is not to say that technology is not an important issue; in fact reaching the goals set out in your IAM strategy will inevitably call for orchestrating a set of technologies, ranging from basic directories to specialized solutions for securing applications and databases. IT’s job is to bring all this together in a way that both protects and enables business.

IAM consists of building blocks, and in reality most organizations will not need all of them. In order to make informed decisions about which technologies are needed, KuppingerCole recommends following standard, tried-and-proven architectural approaches. Classically, this means either starting out by identifying use cases and taking a line from there, or alternatively asking the business units what they need and creating the appropriate business services, tweaking and fine-tuning them until they do the job they were requested for consistently, efficiently and at lowest possible cost.

You can get access to this document for free, if you register for KuppingerCole Select access now.

Date Title Price
Oct 06, 2011

Scenario: Understanding Identity and Access Management - 70129

In this second document from our series outlining KuppingerCole’s basic positions on key issues sur-rounding Digital Identity, Security and Infrastructure Management, we will explore the cornerstones of Identity & Access Management, which is mostly known by its abbreviation…

€995.00
excl. VAT
Get Access
Mastercard Visa American Express PayPal INVOICE

Latest Related Reports

Leadership Brief

Leadership Brief: IAM for Robotic Process Automation: How to Avoid Security Challenges - 80383

Robotic Process Automation (RPA) is one of the trending topics in today’s IT environments. RPA promises to automate manual tasks within business processes by implementing (software) “robots” that perform these tasks instead of humans. Such software robots must have a…

Executive View

Executive View: Sovrin Network Self-Sovereign Identity - 80112

Expectations are changing for Identity and Access Management. Users demand control over their personal information, and enterprises need to fundamentally rethink their relationship to personal customer data in the wake of GDPR and CCPA. Self-Sovereign Identity (SSI) from the Sovrin Network…

Whitepaper

Whitepaper: Digital Transformation for Business Enablement Requires a Modern Identity Fabric - 80165

Digital Identities are at the heart of the Digital Transformation. Without the ability to unify identities and manage the access of everyone to everything  to every digital service effectively, transformation initiatives will fail. Business can’t afford to implement these…

Whitepaper

Whitepaper: Modern Identity Fabrics: A Cornerstone of your Digital Strategy - 80170

Digital Transformation is ubiquitous. Creating new digital business services changes the way IAM needs to be done. Instead of managing existing applications, IAM has to provide identity services that can be consumed by digital services. Focus is shifting from modern UIs for managing…

Buyer's Compass

Buyer's Compass: Blockchain ID - 80050

Blockchain identity solutions are developing into a viable segment in IAM. Because the market segment is still very heterogeneous and gaining maturity, selecting a vendor to provide blockchain ID solutions should be done with care. This KuppingerCole Buyer’s Compass will equip you…

Executive View

Executive View: Identity Automation’s RapidIdentity Solution - 80028

Identity Automation’s RapidIdentity is an Identity and Access Management (IAM) solution that targets the specific requirements of healthcare organizations. Beyond delivering standard IAM capabilities, RapidIdentity helps healthcare organizations access a unified solution instead of…

Executive View

Executive View: ForgeRock Access Management - 80319

ForgeRock Access Management is a full-featured Identity and Access Management (IAM) system, and a primary component in their Identity Platform.  It provides numerous authentication options, an intelligent adaptive risk engine, identity federation, and advanced policy-based…

Whitepaper

Whitepaper: Modern B2B Identity Management - 80135

With Business-to-Business (B2B) transformation comes digital initiatives to better connect B2B customer systems and supply chain services, and in doing so, Identity and Access Management (IAM) becomes a crucial consideration. IAM shares standard features that can be used in B2E or B2C use…

Architecture Blueprint

Architecture Blueprint: Identity and Access Management - 72550

IAM has been one of the central security infrastructures for many years. The changing role and importance of digital identities leads to fundamental changes in IAM architectures. The challenges for a future proof IAM are complex, diverse and sometimes even conflicting. Organization demand…

Executive View

Executive View: Atos DirX Access - 80167

Atos DirX Access is a mature solution for Access Management, covering the full range of targets from legacy web applications to modern SaaS services. It comes with comprehensive support for modern standards, including FIDO 2.0. A specific strength is the support for specific capabilities…

Discover KuppingerCole

KuppingerCole PLUS

Get access to the whole body of KC PLUS research including Leadership Compass documents for only €800 a year

KuppingerCole Select

Register now for KuppingerCole Select and get your free 30-day access to a great selection of KuppingerCole research materials and to live trainings.

Blog

Blog

The C5:2020 - A Valuable Resource in Securing the Provider-Customer Relationship for Cloud Services

KuppingerCole has accompanied the unprecedented rise of the cloud as a new infrastructure and alternative platform for a multitude of previously unimaginable services – and done this constructively and with the necessary critical distance right from the early beginnings (blog post from 2008). Cybersecurity, governance and compliance have always been indispensable aspects of this. When moving to the use of cloud services, it is most important to take a risk-based approach. There is [...]

Latest Insights

Hot Topics

Spotlight

AI for the Future of Your Business Learn more

AI for the Future of Your Business

AI for the Future of your Business: Effective, Safe, Secure & Ethical Everything we admire, love, need to survive, and that brings us further in creating a better future with a human face is and will be a result of intelligence. Synthesizing and amplifying our human intelligence have therefore the potential of leading us into a new era of prosperity like we have not seen before, if we succeed keeping AI Safe, Secure and Ethical. Since the very beginning of industrialization, and even before, we have been striving at structuring our work in a way that it becomes accessible for [...]

Become a Client

Learn more about becoming a Client

Contact Us

Call Us

+49 211 2370770
Mo - Fr 8:00 - 17:00