Identity and Access Management: Your Guide to Common Terms
We’re back with more key cybersecurity terms and a handy reference guide so you can have them all in one place. In this second post of our five-part blog series, we’ll take a closer look at Identity and Access Management (IAM).
Identity and Access Management can take care of tedious security tasks and free up IT admins’ time. Through IAM, you can automatically grant permissions to employees, provide logins, and use single sign-on (SSO) to log in to multiple accounts. These things make life easier for employees and IT admins alike.
Here are some key terms you may come across when researching and implementing IAM.
2FA: A security process for providing 2 different authentication factors before you can access an account or system. Also referred to as two-step verification, 2FA requires verification factors from 2 of these categories:
- Something you know (like your password or PIN)
- Something you are (like your fingerprint or voice)
- Something you possess (like your smartphone or a fob)
IAM (Identity and Access Management): A set of technologies, policies, and processes that helps your organization centrally manage user roles and activity and enforce security policies. IAM solutions serve 4 main purposes: authentication, authorization, user management, and central user repository.
Looking for more on IAM? Check out our white paper, Identity and Access Management 101, for an overview.
MFA (multifactor authentication): A security process, similar to 2FA, that requires at least 2 authentication factors for granting access. MFA and 2FA are often used interchangeably; the primary difference between them is that MFA may have 3 or more verification steps.
SCIM (system of cross-domain identity management): An open standard protocol that allows IT systems or domains to exchange user identity information. SCIM is commonly used to automate user provisioning.
SSL (secure socket layer): A protocol for encrypting information sent over the internet. SSL is commonly used on websites to encrypt the connection between the browser and the web server.
SSO (single sign-on): A user authentication method that allows your employees to log in with 1 set of logins to access multiple accounts. SSO often integrates with a password manager and other IAM tools to simplify logins.
Token: A physical or digital device that you need to access a protected IT resource like an app. Tokens, such as a physical fob or digital code, are commonly used for 2-factor authentication (2FA) or multifactor authentication (MFA).
Hopefully this glossary sheds a little light on the broad solution that is IAM.
For more topics and key definitions, be sure to download our Essential Guide to Common Cybersecurity Terms and save it as a reference.
Thanks! You're subscribed. Be on the lookout for updates straight to your inbox.