Identity and Access Management

In a recent study by Verizon, 63% of the confirmed data breaches are due to either a weak, stolen or default passwords used. There is a saying in the cybersecurity world that goes like this “No matter how good your chain is it’s only as strong as your weakest link.” and exactly hacker use the weakest links it the organisation to infiltrate. They usually use phishing attacks to infiltrate an organisation and if they get at least one person to fall for it, its a serious turn of events from thereon.

They use the stolen credentials to plant back doors, install malware or exfiltrate confidential data, all of which will cause serious losses for an organisation. And so Identity and Access Management (IAM) is a combination of policies and technologies that allows organisations to identify users and provide the right form of access as and when required.

There has been a burst in the market with new applications, and the requirement for an organisation to use these applications has increased drastically. With these new applications being created over the cloud, mobile and on-premise can hold sensitive and regulated information, It’s no longer acceptable and feasible to just create an Identity server and provide access based on the requests. In current times an organisation should be able to track the flow of information and provide least privileged access as and when required, obviously with a large workforce and new applications being added every day it becomes quite difficult to do the same.



So organisations specifically concentrate on managing identity and its access with the help of few IAM tools. It’s quite obvious that it is very difficult for a single tool to manage everything but there are multiple IAM tools in the market that help the organisations with any of the few services given below.

IAM in general have few services:

  • Identity management
  • Access management
  • Federation
  • RBAC/EM
  • Multi-Factor authentication
  • Access governance
  • Customer IAM
  • API Security
  • IDaaS – Identity as a service
  • Privileged Identity management – PIM (PAM or PIM is the same)


Figure – Services under IAM

More About the Services:
Looking into the services on brief, Identity management is purely responsible for managing the identity lifecycle, access management is responsible for the access to the resources, access governance is responsible for access request grant and audits, PIM or PAM is responsible for managing all the privileged access to the resources.
The remaining services either help these services or help in increasing the productivity of these services.

Market for IAM:
Current situation of the market, there are three market leader (Okta, Saipoint and Cyberark) who master one of the three domains (Identity Management, Identity Governance and Privilege access management), according to Gartner and Forrester reports. These companies have developed solutions and are still developing new solutions that allow an organisation to manage identity and its access securely without any hindrances in the workflow.
There are other IAM tools, Beyond Trust, Ping, One login, Cenrify, Azure Active Directory, Oracle Identity Cloud Services and many more.



My Personal Notes arrow_drop_up

Check out this Author's contributed articles.

If you like GeeksforGeeks and would like to contribute, you can also write an article using contribute.geeksforgeeks.org or mail your article to contribute@geeksforgeeks.org. See your article appearing on the GeeksforGeeks main page and help other Geeks.

Please Improve this article if you find anything incorrect by clicking on the "Improve Article" button below.