Ensuring the right user has access to the right resource.
Access management is about managing consistent sets of access control policies across enterprise systems. Automated access management protects internally and externally exposed systems and applications.
Access management is a system used to manage the access of resources by employees, partners, contractors and customers. Whether this is done manually, coded into applications, or automated in an enterprise platform, access management is increasingly important to security. Automated access management requires you to know identities. This is why intiGrow recommends identity management as the foundation of a security strategy.
There are several topics that fall under the category of access management:
♦ Single Sign On
♦ Federated Single Sign On AKA Federated Identity Management
♦ Privileged Access Management AKA Privileged Identity Management
Authentication, as part of access management, means users, devices, and systems providing credentials to the access management system before being granted the resources they request.
Single Sign On provides a one-time process for the user to execute to access all resources. With single sign-on, users can access different applications but just authenticating once. They need not remember many user names and passwords for different applications.
Federated Single Sign On enables users from outside of a domain, such as other divisions or organizations, to access resources which the users’ organization does not control. An example is in the case of a hosted application. Federated Single Sign On allows the user to access the externally hosted application without the need to remember and provide account credentials.
Privileged Access Management provides access management services for users with elevated resources privileges, typically meaning system administrators. These users need to perform tasks that can expose sensitive resources. IT security best practices call for limiting exactly what each system administrator is authorized to do.
Business processes access management supports include:
♦ Centralized Access Control
♦ Single Sign On
♦ Adaptive Authentication
♦ Access logging
♦ Access Reviews and Certification
An automated access management platform can help further by providing access event information to a Security Information and Event Management (SIEM) platform. This enables you to see in context access events such as repeated failed log ons correlated to security events from other resources. Integrating access management with SIEM will empower you to reduce the impact of security threats.