Scenario: Understanding Identity and Access Management - 70129

Report Details

In this second document from our series outlining KuppingerCole’s basic positions on key issues sur-rounding Digital Identity, Security and Infrastructure Management, we will explore the cornerstones of Identity & Access Management, which is mostly known by its abbreviation “IAM”, along with current trends and ramifications for corporate IT systems.

IAM is primarily seen as a set of technologies which govern and regulate who is allowed access to which information stored or being processed within IT environments. Unfortunately, taking such a narrow technology-focused view deflects from the real value of IAM as a facilitator for creating business processes that are both more secure and more efficient than ever before. We see IAM as the key to unlocking IT’s true potential as a business enabler. In fact, in discussions within KuppingerCole, we often refer to “management by identity” instead of the classic “identity management”.
 
To really grasp the importance of IAM for a modern organization, it is necessary to take a holistic view, one that takes into account not only the technology itself, but also the business processes and the organizational structures it impacts. All of this ties into the Big Picture of Information Security, namely how to maintain the confidentiality, integrity and availability of data. It is about how to protect both the information and the information systems from attacks from without and within, for instance through unauthorized use, disclosure, modification, or destruction. It is also about being able to provide proof that none of these things have happened, either to internal auditors or to regulators or law enforcement authorities. Unlike such related fields as Computer Security and Information Assurance, Information Security is more about risk management, process control and business continuity and less about specific technical solutions. Information Security is about typing people, processes, and information. For this reason, we believe that IAM should be an important item of the agenda of top management within every organization since it affects strategy decisions. In short, leave the technical details to the experts, but make sure they know what is expected from them.

Which is not to say that technology is not an important issue; in fact reaching the goals set out in your IAM strategy will inevitably call for orchestrating a set of technologies, ranging from basic directories to specialized solutions for securing applications and databases. IT’s job is to bring all this together in a way that both protects and enables business.

IAM consists of building blocks, and in reality most organizations will not need all of them. In order to make informed decisions about which technologies are needed, KuppingerCole recommends following standard, tried-and-proven architectural approaches. Classically, this means either starting out by identifying use cases and taking a line from there, or alternatively asking the business units what they need and creating the appropriate business services, tweaking and fine-tuning them until they do the job they were requested for consistently, efficiently and at lowest possible cost.

You can get access to this document for free, if you register for KuppingerCole Select access now.

Date Title Price
Oct 06, 2011

Scenario: Understanding Identity and Access Management - 70129

In this second document from our series outlining KuppingerCole’s basic positions on key issues sur-rounding Digital Identity, Security and Infrastructure Management, we will explore the cornerstones of Identity & Access Management, which is mostly known by its abbreviation…

€995.00
excl. VAT
Get Access
Mastercard Visa American Express PayPal INVOICE

Latest Related Reports

Executive View

WALLIX Bastion

WALLIX Bastion is a PAM solution that offers the fundamentals of session management, password management and access management as well as more advanced features such as PEDM and privileged management for machines and applications. The product also provides detailed session recording,…

Whitepaper

Identity Governance Herausforderungen mit ForgeRock Autonomous Identity bewältigen

Die meisten Organisationen sehen den Vorteil von Identity Governance und Administration (IGA), erkennen jedoch, dass es in der Praxis Herausforderungen hat, denn bestimmte Aufgaben sind komplex und schwerfällig. Bestehende IGA-Lösungen kommen dadurch an ihre Grenzen und werden als…

Whitepaper

Overcoming Identity Governance Challenges with ForgeRock Autonomous Identity

Most organizations see the value of identity governance and administration (IGA). However, they recognize that it has its challenges in practice, with certain tasks being complex and cumbersome. As a result, existing IGA solutions are faltering. Dynamic businesses require new approaches…

Leadership Compass

Privileged Access Management for DevOps

Privileged Access Management (PAM) is an important area of access risk management and identity security in any organization. Privileged accounts have traditionally been given to administrators to access critical data and applications. But, changing business practices, hybrid IT, cloud and…

Leadership Compass

Access Management

This Leadership Compass provides insights to the leaders in innovation, product features, and market reach for Access Management on-premises, cloud, and hybrid platforms. Your compass for finding the right path in the market.

Whitepaper

Technical Approaches to Consent Management and Dynamic Access Management: Ping Identity

Privacy regulations are changing the way organizations handle personal information. GDPR was not the first and will not be the last to require data handlers to collect consent from users. Many Consumer Identity platforms have added in consent management features, and specialty Privacy and…

Whitepaper

Leveraging Your Organization's Expertise: Departmental IAM Services for the Business

To benefit from existing domain know-how within an organization, it is becoming increasingly important to involve different business stakeholders in administration, review, and maintenance processes. Dedicated, specialized and lean IAM services are a sustainable and efficient approach to…

Executive View

UNITY: IGA Modernization Framework by Persistent

Inevitably, every organization with digital security and governance requirements will go through iterations of IAM and IGA system modernization efforts. Persistent Systems' Unity provides the necessary migration framework to facilitate an IGA modernization transition.

Buyer's Compass

Buyer’s Compass: Access Management

Access Management capabilities are well-established in the broader scope of IAM and are continuing to gain attraction due to emerging requirements for integrating business partners and customers. This KuppingerCole Buyer’s Compass will provide you with questions to ask vendors,…

Executive View

IdentityIQ – SailPoint

IdentityIQ continues to provide organizations with a comprehensive solution to their identity management requirements. With the recent advances in predictive identity management, the tool reduces manual intervention and improves accuracy of user entitlements. The latest release adds cloud…


KuppingerCole PLUS

Get access to the whole body of KC PLUS research including Leadership Compass documents for only €800 a year

KuppingerCole Select

Register now for KuppingerCole Select and get your free 30-day access to a great selection of KuppingerCole research materials and to live trainings.

Blog

Blog

Informatica is Moving Data Management to the Cloud

Informatica is Moving Data Management to the Cloud
Martin Kuppinger

Introducing Intelligent Data Management Cloud (IDMC) as a Comprehensive, Cloud-Native, and Cloud-First Approach to Data Management Data is the new gold, the new oil, or whatever. In the cloud, you only own the data, but not the applications, systems, or networks anymore. Data is essential for Digital Transformation. There is so much data that is sprawling that it is hard to keep control of it. And, within the SaaS and PaaS tenants, data is what belongs to the tenant. Many organizations fail in [...]

Latest Insights

Hot Topics


Become a Client

Learn more about becoming a Client

Contact Us

Call Us

+49 211 2370770
Mo - Fr 8:00 - 17:00