What is Identity Management?
Identity Management (IDM) automates the management of accounts and authorizations so that security and speed increase whilst costs often decrease at the same time. Essential functions of identity management become clear when a new employee enters a company: A new employee needs a number of accounts and authorizations in order to be able to work. These must not only be created in a large number of applications, but must also be maintained. For example, access authorizations must be adjusted when changing departments, vacation replacements or changing project assignments. Failure to do so, for example, will result in the trainee, who passes through all departments of a company, having the most authorizations and posing a security problem. The adaptation of accounts and permissions is therefore unavoidable, but involves a great deal of effort.
In addition, every adjustment raises questions relevant to security:
- Does the new set of permissions create a critical combination so that, for example, a customer can release their own order?
- What if a user requires the “old” permissions in order to complete his previous tasks?
- Is the documentation of all changes really gapless?
With a comprehensive identity management system, such problems are a thing of the past. Prudent process automation not only saves an average of 64 percent in the ongoing maintenance of accounts and authorizations. Instead, special backups and tools prevent both critical authorization combinations and documentation gaps. This allows a company to prove at any time who granted which authorization when and why (compliance). In addition, the IT landscape is optimally prepared for the introduction of User Self Services or Single Sign-On.
Today, the name “Identity Management” (IDM) is being extended to “Secure Identity & Access Management” (SIAM) in line with the comprehensive functionality described above, which has grown strongly over the last 15 years.