18 ways to make your IT environment more secure and easier to manage
What is IAM?
Biometric authentication: Including fingerprint sensors, iris and retina scanning, and facial recognition. Not for everyone yet, but a growing area.
Context-aware network access control is a policy-based method of granting access to network resources according to the current context of the particular users.
Credential is a user identifier to access to a network: the user’s password, public key infrastructure (PKI) certificate, or biometric information.
De-provisioning: removing an identity from an ID repository and terminating access privileges.
Digital identity: a central feature, the ID itself, including user and that person’s or entity’s access privileges.
Entitlement: attributes that specify the access rights and privileges of an authenticated security principal.
Identity as a Service (IDaaS): Cloud-based IDaaS offers identity and access management functionality to an organisation’s systems that reside on-site and/or in the cloud.
Identity lifecycle management: the entire set of processes and technologies for keeping digital identities current. This will include identity synchronisation, provisioning, de-provisioning, and the ongoing management of user attributes, credentials and entitlements.
Identity synchronisation: ensuring that multiple identity stores—e.g. mergers and acquisitions—contain consistent data for a given digital ID.
Lightweight Directory Access Protocol (LDAP): an open standards-based protocol for managing and accessing a distributed directory service, such as Microsoft’s AD
Multi-factor authentication (MFA) is when more than just a single factor, such as a user name and password, is required for authentication to a network or system. At least one additional step is also required, such as email or SMS authentication.
Password reset is a feature of the ID management system that allows users to re-establish their own passwords. The application asks for a secret word or a set of questions to verify the user’s identity.
Privileged account management: managing and auditing accounts and data access based on the privileges of the user. A privileged user has been granted administrative access to systems. He or she, for example, would be able set up and delete user accounts and roles.
Provisioning is the process of creating identities, defining their access privileges and adding them to an ID repository.
Risk-based authentication (RBA) dynamically adjusts authentication requirements if the user is attempting authentication in an unusual way or from an unusual location.
Single sign-on (SSO): Access control for multiple separate systems. With one username and password, a user can access a system or systems without using different credentials.
User behavior analytics (UBA): examines behaviour and applies algorithms and analysis to detect anomalies that may reveal potential threats.
With over six years of success behind it, AD360 is technically mature – a sophisticated, powerful and cost-effective IAM solution. Security managers and admins employ it to manage user identities, control access to resources, enforce security, and – an ever-growing challenge – to ensure compliance.
AD360 provides user provisioning, self-service password management, and Active Directory change monitoring, to single sign-on (SSO) for enterprise applications. What’s more, it helps you perform all your IAM tasks with a simple, easy-to-use interface.