IFRAME: //www.googletagmanager.com/ns.html?id=GTM-PWWZSH
(BUTTON) SearchSecurity TechTarget TechTarget (BUTTON) Search the
TechTarget Network ____________________ (BUTTON)
Sign-up now. Start my free, unlimited access.
Login Register
* Techtarget Network
* News
* Features
* Tips
* More Content
+ Answers
+ Buyer's Guides
+ Definitions
+ Essential Guides
+ Opinions
+ Photo Stories
+ Podcasts
+ Quizzes
+ Tutorials
+ Sponsored Communities
* Schools
* SearchSecurity
* Topic Identity and access management
+ Data security
+ Network security
+ Security training and jobs
+ Infosec programs
+ Risk management strategies
+ Information security threats
+ Network threat detection
+ Platform security
+ Security compliance
+ Software security
+ Web security tools
+ Wireless and mobile security
+ All Topics
* SubTopic All Subtopics
+ Active Directory
+ Biometrics
+ Password management
+ Digital certificates
+ Access management
+ SSO and federated identity
+ Multifactor authentication
+ Web access control
+ All Subtopics
* Follow:
*
*
*
Essential Guide
Browse Sections
* Au revoir, passwords; bon jour multifactor authentication
+ Setting up two-factor authentication in the enterprise
+ Get up to date on two major advances in authentication
+ It's time to move on from the password era of authentication
+ Explore the knowledge factors that work best with mobile
+ Does a multifactor authentication app really work?
* Effective IAM strategy and advanced tech truly vital now
+ FIDO, all grown up now and ready to work
+ Time to modernize your approach to access governance
+ IAM systems get schooled by machine learning
+ Identity federation management: The pros and the cons
+ Move over password; here come cryptographic keys
* A glossary of key identity and access governance terms
+ access governance (AG)
+ identity management (ID management)
+ principle of least privilege (POLP)
+ identity and access management (IAM)
+ privilege creep
+ federated identity management
+ FIDO (Fast Identity Online)
[essentialguide_defaultBG.jpg]
BACKGROUND IMAGE: iSTOCK/GETTY IMAGES
This content is part of the Essential Guide: Advances in access
governance strategy and technology
Definition
identity management (ID management)
[rouse_margaret.jpg]
Posted by: Margaret Rouse
WhatIs.com
Contributor(s): Linda Rosencrance, Craig Mathias
* Share this item with your network:
*
*
*
*
*
*
*
*
*
+
+
+
+
+
Identity management (ID management) is the organizational process for
identifying, authenticating and authorizing individuals or groups of
people to have access to applications, systems or networks by
associating user rights and restrictions with established identities.
The managed identities can also refer to software processes that need
access to organizational systems.
Identity management includes authenticating users and determining
whether they're allowed access to particular systems. ID management
works hand-in-hand with identity access management systems. Identity
management is focused on authentication, while access management is
aimed at authorization.
ID management determines whether a user has access to systems, but also
sets the level of access and permissions a user has on a particular
system. For instance, a user may be authorized to access a system but
be restricted from some of its components.
The main goal of identity management is to ensure that only
authenticated users are granted access to the specific applications,
systems or IT environments for which they are authorized. This includes
control over user provisioning and the process of onboarding new users
such as employees, partners, clients and other stakeholders. Identity
management also includes control over the process of authorizing system
or network permissions for existing users and the offboarding of users
who are no longer authorized to access organization systems.
Identity governance, the policies and processes that guide how roles
and user access should be administered across a business environment,
is also an important aspect of identity management. Identity governance
is key to successfully managing role-based access management systems.
Importance of identity management
Identity management is an important part of the enterprise security
plan, as it is linked to both the security and productivity of the
organization.
In many organizations, users are granted more access privileges than
they need to perform their functions. Attackers can take advantage of
compromised user credentials to gain access to organizations' network
and data. Using identity management, organizations can safeguard their
corporate assets against many threats including hacking, ransomware,
phishing and other malware attacks.
Identity management systems can add an additional layer of protection
by ensuring user access policies and rules are applied consistently
across an organization.
An identity and access management (IAM) system can provide a framework
that includes the policies and technology needed to support the
management of electronic or digital identities. Many of today's IAM
systems use federated identity, which allows a single digital identity
to be authenticated and stored across multiple disparate systems.
identity management An IAM service contains many pieces.
An IAM system can also be used to deploy single sign-on (SSO)
technologies to significantly decrease the number of passwords users
need; SSO incorporates a federated-identity approach by using a single
login and password to create an authentication token that can be
accepted by various enterprise systems and applications. Combined with
multifactor authentication as well as enforceable security policies
such as the principle of least privilege, which gives users only the
access they require to fulfill their roles, enterprises can lower the
risk of security breaches.
Challenges of implementing identity management
To successfully implement identity management, an enterprise must be
able to plan and collaborate across business units. Organizations that
establish identity management strategies with clear objectives, defined
business process and buy-in from stakeholders at the outset will more
likely be successful. Identity management works best when IT, security,
human resources and other departments are involved.
Identity management systems must allow companies to automatically
manage multiple users in different situations and computing
environments in real time. It's just not feasible to manually adjust
access privileges and access controls for hundreds or thousands of
users. Additionally, authentication must be simple for users to
perform, easy for IT to deploy and secure.
One of the top challenges of implementing identity management is
password management. The functions of creating, updating and deleting
passwords can have real costs that organizations want to reduce.
Consequently, IT professionals should investigate techniques that can
reduce the impact of these password issues in their companies.
For security reasons, tools for managing identity management should run
as an application on a dedicated network appliance or server, either on
premises or in the cloud. At the core of an identity management system
are policies defining which devices and users are allowed on the
network and what a user can accomplish, depending on device type,
location and other factors. All of this also depends on appropriate
management console functionality, including policy definition,
reporting, alerts, alarms and other common management and operations
requirements. An alarm might be triggered, for example, when a specific
user tries to access a resource for which they do not have permission.
Reporting produces an audit log documenting what specific activities
were initiated.
Many identity management systems offer directory integration, support
for both wired and wireless users, and the flexibility to meet almost
any security and operational policy requirement. Because bring your own
device (BYOD) is so strategic today, time-saving features such as
automated device onboarding and provisioning, support for a variety of
mobile operating systems and automated device status verification are
becoming common.
Business benefits of identity management
In addition to managing employees, the use of identity management along
with access management enables a business to manage customer, partner,
supplier and device access to its systems while ensuring security is
the top priority.
This goal can be accomplished on several fronts, starting with allowing
authorized access from anywhere. As people increasingly use their
social media identities to access services and resources, organizations
must be able to reach their users through any platform, allowing them
to access corporate systems through their existing digital identities.
Identity management can also be used to improve employee productivity,
which is especially important when onboarding new employees, or
changing authorizations for accessing different systems when an
employee's function changes. When companies hire new employees, they
have to be given access to specific parts of their systems, given new
devices and provisioned into the business. Done manually, this process
can be time-consuming and reduces the ability of the employees to get
right to work. However, automated provisioning can enable companies to
accelerate the process of allowing new employees to access the required
parts of their systems.
Finally, identity management can be an important tool for enhancing
employees' user experience, especially for reducing the impact of
identity chaos, the state of having multiple sets of user IDs and
passwords for disparate systems. Typically, people can't remember
numerous usernames and passwords and would prefer to use a single
identity to log in to different systems at work. SSO and unified
identities enable customers and other stakeholders to access different
areas of the enterprise system with one account, ensuring a seamless
user experience.
This was last updated in November 2017
Continue Reading About identity management (ID management)
* Read about best practices for mobile identity management
* Find out what changes to the Fast identity Online Alliance spec
mean for multifactor authentication
* Learn how to choose the right approach to cloud identity management
* Read about getting started with multifactor authentication in the
enterprise
* Find out about identity management from the National Institute of
Standards and Technology
Related Terms
continuous authentication
Continuous authentication is a method of verification aimed at
providing identity confirmation and cybersecurity protection on
an... See complete definition
identity and access management (IAM)
Identity and access management (IAM) is a framework of business
processes, policies and technologies that facilitates the ...
See complete definition
zero-trust model (zero trust network)
The zero trust model is a security model used by IT
professionals that requires strict identity and device
verification ... See complete definition
Dig Deeper on Enterprise identity and access management
* [windevelopment_article_011.jpg]
Words to go: Identity and access management security
[donegan_katie.jpg]
By: Katie Donegan
* [2.jpg]
federated identity management
[rouse_margaret.jpg]
By: Margaret Rouse
* [3.jpg]
claims-based identity
[rouse_margaret.jpg]
By: Margaret Rouse
* [servervirtualization_article_020.jpg]
Identity and access management tools add AI, microservices
[mixon_erica.jpg]
By: Erica Mixon
* [rouse_margaret.jpg]
Margaret Rouse asks:
What is the best identity management solution?
Join the Discussion
* [rouse_margaret.jpg]
Margaret Rouse asks:
What strategies do you use to manage identities in the enterprise?
Join the Discussion
Sponsored News
* Why IT Must Break Down Silos as Part of its Digital Transformation
Initiative –Citrix
* What’s Next in Digital Workspaces: 3 Improvements to Look for in
2019 –Citrix
* See More
Vendor Resources
* Single sign-on: Understanding the role of SSO in security –OneLogin
Join the conversation
5 comments
____________________________________________________________
____________________________________________________________
____________________________________________________________
____________________________________________________________
[X] Send me notifications when other members comment.
(BUTTON) Add My Comment
Register
____________________ ____________________ ____________________
*
+ [ ] I agree to TechTarget’s Terms of Use, Privacy Policy, and
the transfer of my information to the United States for
processing to provide me with relevant information as
described in our Privacy Policy.
Please check the box if you want to proceed.
*
+ [ ] I agree to my information being processed by TechTarget
and its Partners to contact me via phone, email, or other
means regarding information relevant to my professional
interests. I may unsubscribe at any time.
Please check the box if you want to proceed.
Add My Comment
Login
____________________ ____________________ Forgot your password?
Add My Comment
Forgot your password?
No problem! Submit your e-mail address below. We'll send you an email
containing your password.
____________________ (BUTTON) Submit
Your password has been sent to:
Please create a username to comment.
____________________ Create Username and Add My Comment
Oldest Newest
[-]
[21703.gif]
Margaret Rouse - 21 Oct 2013 1:46 PM
What is the best identity management solution?
Reply
____________________________________________________________
____________________________________________________________
____________________________________________________________
____________________________________________________________
(BUTTON) Add My Comment Cancel
*
[-]
[default_avatar.gif]
sarahjo - 19 Feb 2015 2:49 PM
When it comes to business management, the best identification solutions
I have found come from applications and tools that help me stay
connected to my staff and workers. These tools offer a great way to
control who has access to what, and I can see who is accessing what
files and programs and ensure identity management no matter where I may
be.
Reply
____________________________________________________________
____________________________________________________________
____________________________________________________________
____________________________________________________________
(BUTTON) Add My Comment Cancel
*
[-]
[43295.gif]
Genderhayes - 11 May 2014 4:25 PM
Establishing and managing the roles and access privileges of individual
network users provide administrators with the tools and technologies
to change a user's role, to track user activities and to enforce
policies on an ongoing basis
Reply
____________________________________________________________
____________________________________________________________
____________________________________________________________
____________________________________________________________
(BUTTON) Add My Comment Cancel
*
[-]
[34071.gif]
Ken Harthun - 26 Dec 2014 12:02 PM
I believe that this is going to have to be part of the Internet of
Things we are hearing so much about. With complexity comes security
problems. Identity management may be part of the solution.
Reply
____________________________________________________________
____________________________________________________________
____________________________________________________________
____________________________________________________________
(BUTTON) Add My Comment Cancel
*
[-]
[default_avatar.gif]
Jonabee - 9 Apr 2019 9:16 AM
what is the difference in identity management in africa and europe?
Reply
____________________________________________________________
____________________________________________________________
____________________________________________________________
____________________________________________________________
(BUTTON) Add My Comment Cancel
*
-ADS BY GOOGLE
[INS: :INS]
File Extensions and File Formats
* A
* B
* C
* D
* E
* F
* G
* H
* I
* J
* K
* L
* M
* N
* O
* P
* Q
* R
* S
* T
* U
* V
* W
* X
* Y
* Z
* #
Latest TechTarget resources
* Cloud Security
* Networking
* CIO
* Enterprise Desktop
* Cloud Computing
* Computer Weekly
SearchCloudSecurity
* 5 steps to a secure cloud control plane
A locked-down cloud control plane is integral to maintaining cloud
security, especially in multi-cloud environments. Here are ...
* 3 steps to prepare IT operations for multi-cloud
Organizations must ready their IT operations for multi-cloud and
the unique security challenges ahead. Equip your IT ops team ...
* Shared responsibility model transparency boosts cloud security
The shared responsibility model delineates where company and CSP
security responsibilities start and end. This is critical not ...
SearchNetworking
* 7 key developments to expect from SD-branch in 2020
New year, new developments. See what's new with SD-branch in 2020,
including security advancements and how technologies such as ...
* How to start building an SD-WAN RFP
An SD-WAN request for proposal should include comprehensive
questions that dive into vendor features and capabilities, ...
* Food manufacturer finds success with SD-WAN vendor CloudGenix
Disappointed in a managed service from Verizon, food manufacturer
Diamond Crystal Brands went looking for an SD-WAN vendor that ...
SearchCIO
* Quantum computing in business applications is coming
Quantum computers are closer than you think. While tech companies
make progress toward building functioning machines, there are ...
* CIO vs. CTO: Making the distinction between the two roles
In this Q&A, Gartner analyst Samantha Searle provides insight into
the roles of the CIO and CTO when both exist within an ...
* Top trends in AI, RPA, 5G to watch in 2020
5G, RPA and AI all made substantial gains in the previous year, but
2020 will be the time when CIOs really need to understand ...
SearchEnterpriseDesktop
* Will Microsoft's Edge start a new browser war?
Analysts say the new browser fight between Google and Microsoft
could be about the future of work, as enterprises increasingly ...
* 6 tweaks to increase Windows 10 performance
With a few minor tweaks, such as maximizing RAM, disabling visual
effects and getting rid of unnecessary services, you can ...
* Manage Windows 10 default file type associations with SetUserFTA
Windows 10 default file type associations dictate which
applications open for different file types. Find out how IT can
manage ...
SearchCloudComputing
* Review these 3 key cloud computing trends from 2019
What cloud trends played a large role in the IT industry in 2019?
They might not be the first ones that come to mind.
* 5 steps to kick-start your cloud incident response strategy
At this point, a cloud incident management strategy should not be
optional for enterprises working in the cloud. Review these ...
* Get the lowdown on these 4 Google Cloud management services
Google Cloud Platform offers numerous tools to manage and deploy
resources -- each with its own specific focus. Learn about these...
ComputerWeekly.com
* Life on the edge: A new world for data
Edge computing is regarded as the next frontier for data, with
rapid growth expected in the market. We assess the prospects
* Security Think Tank: Let’s call time on inciting fear among users
The traditional picture of a hacker is of a script kiddie in a
hoodie hunched over a computer keyboard, but this stereotype is ...
* Government injects £40m into single sign-on NHS programme
The government has put aside funding to speed up login times.
Additional funding has been announced to support adult digital ...
* About Us
* Meet The Editors
* Contact Us
* Privacy Policy
* Videos
* Photo Stories
* Definitions
* Guides
* Advertisers
* Business Partners
* Media Kit
* Corporate Site
* Contributors
* CPE and CISSP Training
* Reprints
* Archive
* Site Map
* Events
* E-Products
All Rights Reserved, Copyright 2000 - 2020, TechTarget
Do Not Sell My Personal Info
Close