Enterprise IT Identity & Access Management

A Buyer's & Integrator's Guide - WebLog Version 1.0

Browse by Tags

Related Posts
  • Blog Post: Authorization Strategy

    Authorization (or establishment or entitlement) defines a user's (or process') rights and permissions to a resource. After a user (or process) is authenticated, authorization determines what that user can do to the resource. Here are some authorization strategies to improve security: By default...
  • Blog Post: IAM in TwC

    I attended 2006 Microsoft EE & TwC Forum recently and tried to find out if there is any relationship between IAM and TwC. It is interesting that TwC (Trustworthy Computing) has Identity and Access Control as a grand child. At top level, TwC has four children, referred as 4 pillars: 1. Security...
  • Blog Post: Systems Management Stategy

    Digital identities includes not only people but also devices, such as machine account and machine certificate, and applications (or software services). Therefore, there is a small overlapped area between systems management and IAM. Although systems management is another big area in IT, you should have...
  • Blog Post: Auditing Strategy

    Auditing (also referred as Audit or Accounting or Accountability) ensures that the activities associated with user access are logged for monitoring, regulatory and investigative purposes. Auditing Strategies for IAM to be compliance: Identify regulations you company must be compliance: such...
  • Blog Post: Authentication Strategy

    Authentication is the procedure through which a user or a device or a service (or application) provides sufficient credentials to satisfy access requirements to another service, application, or system. User Authentication Strategy: · Prepare and plan for Strong User Authentication · Educate...
  • Blog Post: IAM Strategy

    IAM is a combination of processes, technologies, and policies enabled by software to manage digital identities in their lifecycle and specify how they are used to access resources. IAM is a superset of AAA (Authentication, Authorization, Auditing)*. Here are some general strategies for enterprise to...