What Is an IdM and How to Discover If You Need One

IdM is an abbreviation for “Identity Management,” i.e., management of user accounts. Let’s turn to Wikipedia:

“IdM is the security discipline that enables the right individuals to access the right resources at the right times and for the right reasons.”

Interestingly Wikipedia takes this definition from the Gartner IT Glossary. 

I would like to expand this definition: IdM is a set of approaches, practices, technologies, and software that deal with managing user credentials and access control systems aimed at improving the security and performance of information systems while reducing costs, optimizing downtime, and reducing the number of repetitive tasks.

So, we see that the essence of identity and access management is not a single system where one can hit a button called “Let’s make it.” IdM is a whole complex of activities and systems that include:

  • Defining the objectives of the above activities.
  • Concretization of the approach aimed at achieving the chosen goals.
  • Building processes and procedures.
  • Distribution of roles in the business structure.
  • Choosing a solution that will manage user rights and identities.
  • The actual implementation of the IdM solution.

Well, we sorted it out. However, still:

  • What exactly does IdM involve?
  • What procedures and processes are relevant to this activity?

Now we came to the most interesting part. It is interesting because it is difficult to find an exact indication of what relates to identity and access management, and what does not. Identity Management is a very broad term that includes many concepts. In practice, we systematically encounter the fact that each organization has its own view of identity and access management.

Do you remember a parable about three blind people trying to describe an elephant: one of them approached the elephant from behind, felt the tail and said that the elephant is (Read more...)

*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by David Balaban. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/o1wdsdN4evg/