Definition of Cloud Identity and Access Management (IAM)

Identity and access management (IAM) is a cornerstone of IT and has been for decades. Yet, with the majority of traditional on-prem IT infrastructure migrating to the cloud via vendors such as AWS® and GCP and applications shifting to the web (e.g. Slack, G Suite, O365, GitHub, and tens of thousands of others), IT admins are wise to wonder if IAM will follow suit. The risk of fragmenting identities across systems, applications, files, and networks is a very real threat that many admins face with the shift to the cloud. Thankfully, there is a solution that encapsulates virtually all IT resources into a single panel. First, though, let’s explore the definition of cloud identity and access management.

What is cloud identity and access management?

In order to get a grasp on what cloud identity management is, we need to understand IAM as a whole. The overarching concept of IAM is simple enough; IAM makes it so that the right users are able to access the right IT resources, securely. In practice, the concept ensures that members of the marketing team, for example, aren’t accessing source code repositories from engineering and engineering isn’t reviewing financial data in the account system. Or, IAM ensures that students aren’t accessing the teacher’s WiFi network. Essentially, the concept describes the ability to manage core user identities and their access to various IT resources across a network.


IAM Then

Back in the day, circa 1999, there was one on-prem enterprise software product that predominantly managed systems in an organization’s IT environment. That solution was Microsoft® Active Directory® (MAD or AD). Built upon the LDAP and Kerberos protocols, AD was able to take the world by storm because the majority of IT infrastructure, systems, and applications were Windows®-based. It made sense that a Windows-based identity provider federated access to Windows systems and applications as well as wired networks. But, with the introduction of web apps that authenticated and authorized via SAML, AD needed add-on solutions to federate AD credentials to web applications. Further, IT admins (Read more...)

*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Ryan Squires. Read the original post at: