Identity Management

Identity management (also called Identity and Access Management or IAM) is the framework for managing digital identities throughout their lifecycle. It ensures the right individuals have the right access to the right resources at the right times for the right reasons.

Identity management components:

• Identity lifecycle: Creation, modification, suspension, deletion of user accounts
• Authentication: Verifying user identity (passwords, MFA, biometrics)
• Authorisation: Determining access permissions based on identity
• Single Sign-On (SSO): One authentication for multiple applications
• Directory services: Central repository of user identities (Active Directory, Azure AD)
• Privileged access management: Special controls for admin accounts
• Identity governance: Policies and processes for managing access

Identity management features:

• User provisioning: Automatically creating accounts when employees join
• De-provisioning: Automatically revoking access when employees leave
• Self-service: Password resets, profile updates, access requests
• Audit trails: Complete history of identity changes and access
• Compliance reporting: Evidence of access management for auditors

Identity management solutions:

• Microsoft Entra ID (Azure AD): Identity for Microsoft and cloud applications
• Okta: Cloud-native identity management
• JumpCloud: Directory-as-a-service for hybrid environments
• Google Workspace: Identity for Google ecosystem
• Auth0: Developer-focused identity platform

Modern identity concepts:

• Zero trust identity: Never trust, always verify every access request
• Passwordless authentication: FIDO2 keys, biometrics, magic links
• Conditional access: Policies based on risk signals (location, device, behaviour)
• Identity federation: Trust relationships between identity providers