User access to any security application, including to an Identity Management Server, should be Encrypted.

Communication between an Identity Management Server and other network components -- such as Managed Systems, call tracking systems, authoritative directories, etc. should likewise be Encrypted.

Return to IT Security Concepts