What is Identity & Access Management? Why your company needs it? Who needs Identity & Access Management? What are examples of use? More on: https://evolveum.com
2. What is Identity & Access
Management?
Identity and Access Management automatizes
processes to assign the right people in an
enterprise the appropriate access to technology
resources.
3. Why your company needs IAM?
Enterprises that develop mature IAM capabilities
can reduce their identity management costs and,
more importantly, become significantly more agile
in supporting new business initiatives.
Gartner
4. Examples of use of IAM
New employee is hired, changes position,
contacts of partners need to be managed
IAM will automatically create all the accounts that
a user needs, automatize processes and changes
in user management.
Go to Evolveum.com
5. Examples of use of IAM
Organization has strict security requirements
IAM will centralize the policy management,
provide implementation technology requirements
authorization mechanism and support for reliable
and efficient auditing.
Go to Evolveum.com
6. Examples of use of IAM
Many customer contacts in CRM and other
systems
IAM will seamlessly synchronize customer records
Go to Evolveum.com
7. Examples of use of IAM
Universities, government agencies and third-
sector need to manage vast number of
identities
IAM can manageme records of students / alumni /
citizens / volunteers / subscribers or similar
identity types
Go to Evolveum.com
8. 4 major categories of IAM
components
1. Authentication
Provides sufficient credentials to users to gain
access to an application system or a particular
resource from clients
Go to Evolveum.com
9. 4 major categories of IAM
components
2. Authorization
Authorization is the module that determines
whether a user is permitted to access a particular
resource.
Go to Evolveum.com
10. 4 major categories of IAM
components
3. User management
User management module defines the set of
administrative functions such as identity creation,
propagation, and maintenance of user identity and
privileges.
Go to Evolveum.com
11. 4 major categories of IAM
components
4. Central user repository (Enterprise
Directory)
Central User Repository stores and delivers
identity information to other services, and provides
service to verify credentials submitted from clients
Go to Evolveum.com
12. What are some areas to consider
when implementing?
• Data inventory and classification policy
• Federated access policy
• Acceptable use policy
• Eligible affiliations
• Remote access
Go to Evolveum.com
13. Five ways to ruin your IAM project
1. Start big and go down the waterfall
2. Spend the budget on product
3. Chose a suite or vendor lock-in
4. Customize extensively
5. Purchase an IAM project
5 Ways to Ruin Your IAM Project + Bonus Tip
View Presentation
Go to Evolveum.com
14. Support for security auditing and
reporting
midPoint keeps an audit trail of all changes to user
privileges. It has a built-in reporting engine to
generate reports for identities collected from all
the connected systems.
Go to Evolveum.com
15. Who needs IAM?
IDM Rule of the thumb
< 100 identities: You are fine with manual work
100 - 1k identities: You might need it
10k - 100k identities: You need it
> 100k identities: You desperately need it
Go to Evolveum.com