Identity and Access Management System in Business Essay

Exclusively available on Available only on IvyPanda® Made by Human No AI

Abstract

An IAM system is capable of establishing identities, issuing access roles, rules, and policies, and assigning user privileges based on their credentials. In the case of ATN, it is used for managing the process of authentication and oversight of control rules and policies. In addition, the system can mitigate a range of threats. Finally, it provides the possibility to systematize unstructured data.

Main Body

Data breaches are increasingly more difficult to avoid on an enterprise level. One of the possible ways of mitigating the risk is using an identity and access management (IAM) system. The following essay describes the IAM system leveraged in a solution used by the ATN.

The complexity of the IT landscape of the telecommunications provider ATN has prompted an attempt to move to a cloud-based service. The move was expected to minimize expenses associated with the management of a highly heterogeneous portfolio of legacy applications accumulated in several corporate acquisitions. In addition, it made the application consolidation process easier and more comprehensive.

After the initial successful transition of several low-risk applications to a platform as a service environment, ATN has created several identities in order to give users access to services, at which point it was suggested by their consultants, CloudEnhance, to launch a pilot identity and access management (IAM) system, thus fulfilling the need for cloud-based identities. The IAM system in question manages security boundaries within the cloud environment. The identities created for the purpose are different from legacy on-premise ones that used internal security policies of the company.

The identity and access management system used as a part of a cloud-based solution by ATN is a system that provides control over the access to and use of sensitive information by stakeholders. The system is regulated by the administrators and utilizes a role-based access control model, in which rights and permissions are determined by the roles of service consumers within the hierarchy (Khansa & Zobel, 2014). The system issues access to different components of the service, including operating systems, data storage locations, resources, and environments.

The IAM system in question utilizes four key elements. First, it includes a tool responsible for user authentication in the system. Depending on the type of platform used for internet access, the authentication component can be based on different types of media, including username and password pairs, digital certificates and signatures, IP and MAC registration, voice recognition software, and biometric data, among others (Peer, Bule, Gros, & Struc, 2013). In most cases, the latter will be the preferred method for mobile users, whereas the former will be more common for desktop computers.

The second element is an authorization mechanism, which manages rules of access control and monitors interactions between security policies and authorizations issued to different users. The third element performs a range of administrative functions, including generation and storage of user accounts, creation and management of user groups, and management of authentication information. Finally, the fourth element uses consumer identities to manage access control policies and reduce the occurrence of insufficient authorizations.

As can be seen, the IAM system in question is capable of establishing identities, issuing access roles, rules, and policies, and assigning user privileges based on their credentials. Such a system allows for the minimization of threats such as a denial of service attacks, conflicting trust boundaries, and insufficient authorization. In a typical scenario of IAM system operation, a user decides to get access to service features and enters their credentials.

The authentication element verifies the credentials for consistency. In order to complete the operation, the attributes of a user are compared against those of the environment and resource. Most likely, at this point, the data is replicated onto an on-premise database managed by the cloud response administrator. After the identity of the user is established, they are assigned respective permissions by the authorization element, enabling logical access to the cloud-based service. At the same time, the IAM data is synchronized with the on-premise storage.

The efficiency of the described procedure is achieved through full automation of the process. In the optimal scenario, access control is performed entirely based on data obtained during the authentication procedure. It is important to mention that while the IAM system’s tasks include logging consumer access to data, the control of access is handled by a different mechanism.

Currently, a number of commercial vendors offer products with IAM functionality. These include Hitachi ID systems, iWelcome, Avatier, Centrify, Forge Rock, Dell, Oracle, and Microsoft Azure AD, among others. These products are compatible with different platforms and environments, which ensures a high degree of uniformity in security practices across the organization. In addition, they are capable of creating a risk profile of a user based on a number of factors, which addresses the threat posed by the Bring Your Own Device (BYOD) policy (Marshall, 2014). Finally, they can log the activities occurring within the unstructured enterprise data, which is highly beneficial for ATN.

As can be seen, the IAM system offers a number of advantages in organizing and managing the process of authentication and oversight of control rules and policies. In addition, the system is capable of mitigating a range of threats. Finally, it provides the possibility to systematize unstructured data, which is especially relevant for a heterogeneous enterprise such as ATN.

References

Khansa, L., & Zobel, C. W. (2014). Assessing innovations in cloud security. Journal of Computer Information Systems, 54(3), 45-56.

Marshall, S. (2014). IT consumerization: A case study of BYOD in a healthcare setting. Technology Innovation Management Review, 4(3), 14-18.

Peer, P., Bule, J., Gros, J. Z., & Struc, V. (2013). Building cloud-based biometric services. Informatica, 37(2), 115-122.

More related papers Related Essay Examples
Cite This paper
You're welcome to use this sample in your assignment. Be sure to cite it correctly

Reference

IvyPanda. (2021, April 8). Identity and Access Management System in Business. https://ivypanda.com/essays/identity-and-access-management-system-in-business/

Work Cited

"Identity and Access Management System in Business." IvyPanda, 8 Apr. 2021, ivypanda.com/essays/identity-and-access-management-system-in-business/.

References

IvyPanda. (2021) 'Identity and Access Management System in Business'. 8 April.

References

IvyPanda. 2021. "Identity and Access Management System in Business." April 8, 2021. https://ivypanda.com/essays/identity-and-access-management-system-in-business/.

1. IvyPanda. "Identity and Access Management System in Business." April 8, 2021. https://ivypanda.com/essays/identity-and-access-management-system-in-business/.


Bibliography


IvyPanda. "Identity and Access Management System in Business." April 8, 2021. https://ivypanda.com/essays/identity-and-access-management-system-in-business/.

If, for any reason, you believe that this content should not be published on our website, please request its removal.
Updated:
This academic paper example has been carefully picked, checked and refined by our editorial team.
No AI was involved: only quilified experts contributed.
You are free to use it for the following purposes:
  • To find inspiration for your paper and overcome writer’s block
  • As a source of information (ensure proper referencing)
  • As a template for you assignment
Privacy Settings

IvyPanda uses cookies and similar technologies to enhance your experience, enabling functionalities such as:

  • Basic site functions
  • Ensuring secure, safe transactions
  • Secure account login
  • Remembering account, browser, and regional preferences
  • Remembering privacy and security settings
  • Analyzing site traffic and usage
  • Personalized search, content, and recommendations
  • Displaying relevant, targeted ads on and off IvyPanda

Please refer to IvyPanda's Cookies Policy and Privacy Policy for detailed information.

Required Cookies & Technologies
Always active

Certain technologies we use are essential for critical functions such as security and site integrity, account authentication, security and privacy preferences, internal site usage and maintenance data, and ensuring the site operates correctly for browsing and transactions.

Site Customization

Cookies and similar technologies are used to enhance your experience by:

  • Remembering general and regional preferences
  • Personalizing content, search, recommendations, and offers

Some functions, such as personalized recommendations, account preferences, or localization, may not work correctly without these technologies. For more details, please refer to IvyPanda's Cookies Policy.

Personalized Advertising

To enable personalized advertising (such as interest-based ads), we may share your data with our marketing and advertising partners using cookies and other technologies. These partners may have their own information collected about you. Turning off the personalized advertising setting won't stop you from seeing IvyPanda ads, but it may make the ads you see less relevant or more repetitive.

Personalized advertising may be considered a "sale" or "sharing" of the information under California and other state privacy laws, and you may have the right to opt out. Turning off personalized advertising allows you to exercise your right to opt out. Learn more in IvyPanda's Cookies Policy and Privacy Policy.

1 / 1