Identity and Access Management (IAM)

The primary purpose of account management and access controls is to manage the relationship between the subject (user or system) and the object (data/resource).  IAM will encompass the account provisioning lifecycle which has three distinct phases:

  1. creation
  2. management
  3. deletion

3 Account Provisioning Lifecycle phases

All stages of the life cycle need to be carefully managed.  One of the greatest weaknesses of any network is the poor management of accounts.  Inherited credentials (when an employee moves between departments and does have old privileges removed) and not promptly deleting or deactivating accounts when a member of staff leaves the organisation are two of the most common issues seen in this area. 

When considering access rights, the principle of least privilege should be applied.  This ensures that users only have access to the data that they need to.

When a user tries to access data they will begin the access control lifecycle.  This has four phases:

  • Identification
  • Authentication
  • Authorisation
  • Access

Improving the authentication of a user (by adding a second or third factor) is perhaps the most widely adopted and effective access control.  Multi Factor authentication comprises of something you have, something you know and something you are. 

  • Something you have could be a token or card
  • Something you know may be a password or pin
  • Something you are could include biometrics like IRIS or fingerprint scanning

Talk with an Expert

Speak with a solutions expert or architect. Give us a call or leave a message. Our team is ready for your business.

Share this page:

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Find out more here.