Security Encyclopedia

Identity and Access Management (IAM)

Identity and Access Management (IAM) is an organizational process for ensuring the user accessing a resource is who they say they are and providing the proper access rights to the user.

IAM extends beyond identifying, authenticating, and authorizing individuals to use IT resources; it also covers access to hardware and applications. It is a broad discipline, covering the products, procedures, and policies that are used to manage user identities and regulate user access within an organization.

Rather than being thought of as simply the provisioning and revocation of access credentials, IAM should be looked at as a defender and enabler of the resources behind its walls. A robust IAM system adds security by ensuring that user access rules and policies are applied consistently across the enterprise. The tools applied may range from an identity provider (or its services) down to the hardware tokens used for two-factor authentication (2FA). IAM systems also enhance business productivity through automation and governance, simplifying administration for the personnel who serve as admins. A properly conceived system reduces friction and long communication cycles between users and admins.

Azure Active Directory, IBM Security Identity and Access Assurance, and Oracle Identity Cloud Service are all examples of IAM solution providers.

More recent trends in the IAM space include Decentralized Identity and Passwordless Identity Management.


"Our school has typically used IAM software on-premises, but this year we've made the decision to move to a cloud-based IDaaS solution such as Centrify."

Popular Resource:

The Evolution of Authentication white paper, from Goode Intelligence & HYPR, explores the evolution of authentication over the last 50 years.