Identity and Access Management (IAM): Agree or Disagree?????

Trevor Chandler

Well-known member
Jul 4, 2020
107
108
15,386
I'm going to make some statements, and I would like for you
to simply indicate whether you AGREE or DISAGREE. If you
AGREE, keep it movin'. If you DISAGREE, share with me why,
if you don't mind. If you neither AGREE or DISAGREE, you
can indicate that you have no opinion (or none of my business :) )

Okay, here we go:

- To define Identity and Access Management, depends on the organization and its
tools. One size does not fit all.

- Identity and Access Management encapsulates how companies control user accounts,
passwords, and access levels.

- Identity and Access Management is a framework (I loathe the term framework)
that comprises several elements, that manage computer system identities

- The four components of an Identity and Access Management system are:
1) User management
2) Authentication
3) Authorization
4) Identity governance

- One of the reasons businesses use Identity and Access Management is because it
offers fine-grained control over users and access.

- Authentication and Authorization - are a couple of key concepts shared by all
Identity and Access Management systems.

- Authentication - focus is on how users can log on to an account

- Authorization - focus is on controlling which resources users can access
Note: Users gain authorization based on their role in the organization or their group

- Identity governance is a crucial component of Identity and Access Management
Note: Identity governance defines how an organization manages user roles
and permissions. Identity governance ensures that users have the
correct access level, and provides methods to audit user access levels.

- Identity and Access Management provides a centralized method for user access
control

- Regulatory compliance is a benefit of an Identity and Access Management system

- Identity and Access Management systems keep records readily available for auditing

- An LDAP server provides centralized user and password management. Is an LDAP
server an Identity and Access Management system?

- An Active Directory server provides centralized user and password management. Is
an Active Directory server an Identity and Access Management system?


Okay, that's it. Let me know what you think (or what you know)! Please, no inflammatory
remarks or comments - I'm sensitive :devilish:
 
Last edited:
  • Like
Reactions: Kwabena Fred
I'm going to make some statements, and I would like for you
to simply indicate whether you AGREE or DISAGREE. If you
AGREE, keep it movin'. If you DISAGREE, share with me why,
if you don't mind. If you neither AGREE or DISAGREE, you
can indicate that you have no opinion (or none of my business :) )

Okay, here we go:

- To define Identity and Access Management, depends on the organization and its
tools. One size does not fit all.
-> YES
- Identity and Access Management encapsulates how companies control user accounts,
passwords, and access levels.

- Identity and Access Management is a framework (I loathe the term framework)
that comprises several elements, that manage computer system identities

- The four components of an Identity and Access Management system are:
1) User management
2) Authentication
3) Authorization
4) Identity governance

- One of the reasons businesses use Identity and Access Management is because it
offers fine-grained control over users and access.

- Authentication and Authorization - are a couple of key concepts shared by all
Identity and Access Management systems.
-> YES
- Authentication - focus is on how users can log on to an account
-> YES
- Authorization - focus is on controlling which resources users can access
Note: Users gain authorization based on their role in the organization or their group
-> YES
- Identity governance is a crucial component of Identity and Access Management
Note: Identity governance defines how an organization manages user roles
and permissions. Identity governance ensures that users have the
correct access level, and provides methods to audit user access levels.

- Identity and Access Management provides a centralized method for user access
control
->usually, but not a must.
- Regulatory compliance is a benefit of an Identity and Access Management system
-> or the otherway around. you can maitain Complaiynce with the IAM.
- Identity and Access Management systems keep records readily available for auditing
-> If enabled..
- An LDAP server provides centralized user and password management. Is an LDAP
server an Identity and Access Management system?
-> imho no. But depending on the LDAP Solution.
- An Active Directory server provides centralized user and password management. Is
an Active Directory server an Identity and Access Management system?
-> YES
Mine in Bold...
 
  • Like
Reactions: Trevor Chandler