Enterprise Identity and Access Management (IAM) is defined as a set of processes and technologies to effectively and consistently manage modest numbers of users and entitlements across multiple systems. Under this definition, there are usually significantly fewer than a million users, but each user typically has access to multiple systems and applications.
Typical enterprise identity and access management scenarios include:
- Password synchronization and self-service password reset.
- Management of other credentials, such as one-time password devices, security questions, smartphone apps, biometrics, smart cards, cryptographic certificates, etc.
- Identity and access management (IAM), which can create/delete identities and assign/revoke entitlements in response to processes such as data synchronization, a request portal, approval flow, access reviews ("governance") and policy enforcement.
- Group management, to create, manage and delete security groups and mail distribution lists.
- Single sign-on, which may consist of Kerberos, federated access (SAML or similar), web SSO (web form stuffing or server-side agents) and enterprise SSO (client-side form stuffing).
- Strong authentication, combining multiple credentials with contextual selection of suitable login mechanisms.
Problem areas adjacent to identity and access management (IAM) include privileged access management (PAM) and directories.
Hitachi ID Identity Manager manages the lifecycles of identities, accounts, groups and entitlements. It includes:
- Automation to grant and revoke access, after detecting changes on systems of record.
- A web portal for access requests, profile updates and certification.
- Full lifecycle management for groups and roles on target systems.
- A workflow manager to invite people to approve requests, review access or complete tasks.
- Policy enforcement related to segregation of duties (SoD), role-based access control (RBAC), risk scores, privacy protection and more.
- Reports, dashboards and analytics.
Hitachi ID Identity Manager includes connectors to manage accounts, groups and entitlements on over 130 kinds of systems and applications, on-premises and in the cloud.