Identity Management Solutions, Why?
Identity Management is a booming business. The awareness of managing user information in companies is growing, not only by the IT staff but also at corporate management level. A lot of vendors try to produce systems which can provide the customer needs. But every system is as good as it’s design. For that reason, developing a Identity Management System should be designed by a business consultant with experience in building Identity Management systems.
In organizations data about employees, customers and suppliers are spread over various information systems. Decentralized management of user information at different locations in the organization tends to jeopardize identification and access control as the use of a growing number of applications intensifies. The ownership of information increasingly blurs, giving rise to consequential inconsistencies. Information security erodes and might become a hindrance for new applications, such as the development of a website to enable more interaction with customers, suppliers and partners. In addition organizations have to comply with legislation and guide lines such as the Sarbane Oxley Act and Basel2, requiring corporations to secure these laws and guidelines in the organization, preferably as transparent as possible.
This state of affairs calls for the development of a consistent and efficient organizational infrastructure for identification, authorization, authentication, access and account management, or shortly Identity Management (IdM). IdM decreases the costs of managing, increases the security the reliability and the quality of information. Last but not least IdM increases the friendliness. IdM projects can be complex. They intervene deep in the organization and its ICT management. Organizational basis is crucial to the success of an IdM implementation. This requires commitment and persuasiveness of the higher management levels and the introduction of multiple disciplines. Disciplines like project definition and management, technical, tactical and organizational expertise need to work together.
Managing
Identity information is a complex process within most organizations.
A lot of employees are involved like ICT and HR personnel,
departmental managers. Most of the time a lot of actions need to be
made before a new hired employee can go to work. Accounts need to be
created, authorization need to be given for different services and
applications and information need to be gathered. Of a lot of systems
and services are involved, anything from financial and logistic
systems, file, print and mail services, directories and portals.
As corporations are dynamic entities, working methodology,
procedures, services and systems are frequently modified or extended,
often coupled with shifts in responsibilities between managers and
ICT staff. Compliancy with legislation and guide lines is getting
more demanding, increasing the need for security and monitoring the
management of identities.
Identity Management Solutions, What?
The
competence of Identity Management is to automate all the aspects
mentioned above to enable proper management of all the identities (or
entities for that matter) in a private or public environment (intra
and extranet). Identity Management deals not only with physical persons
but all entities like customers, departments, roles, services,
printers. Furthermore, IdM deals entities and with the relationships
between these entities. Each
identity consists of distinguishing characteristics which can be the
source of any action. These characteristics are known as attributes,
thus an identity is the sum of attributes.
Identity Management involves activities which occur based on these characteristics. For instance: employee A has a management role. The authorizations he needs are based on this role. These authorizations may involve the right to authorize new hired staff to a certain application with just a few simple actions. All is based on the identity and their relationship to roles and applications.
Identity management involves the following activities :
User management – activities aimed to manage the identity life cycle within a company. Hiring, promoting, locating and dismissal a staff member.
- User management – activities aimed to manage the identity life cycle within a company. Hiring, promoting, locating and dismissal a staff member.
- Authentication management – activities aimed to manage the means of authentication (password, tokens, biometrics and self service)Authorization management – activities aimed to manage the identity authorizations.
- Provisioning – (manual or automated) propagation of identity information and it’s authentication and authorization date to ICT-objects
- Data sharing – activities aimed to manage controlled access to the information about identities.
- Monitoring & audit – logging, (permanent) auditing en reporting.
A huge list of services will emerge if all these activities are translated in techniques.