Identity & Access Management (IAM) provides companies with central management of identities and access rights to different systems and applications.
The most important function of identity and access management is to manage user accounts and access permissions. To grant access rights, the system must authenticate and authorize users. During authentication, the user proves to the system that he or she is who he or she claims to be. For this purpose, simple user name and password queries as well as multi-factor procedures with security tokens or biometric features can be used. Once the identity of the user has been established beyond any doubt, the next step is to authorize him or her. This determines, which systems or resources the user has access to. Authorization is based on more or less complex rules and role concepts, which are usually stored in a database. These rules and roles can be freely defined or dependent on the organizational structure of the company and the user's work area.
Especially in large companies or user web portals, a variety of identities and access rights must be managed. The IAM is able to do this efficiently and ensure that access permissions comply with internal and external policies. It prevents that the identities and access rights are being lost due to many uncoordinated, individual, decentralized release and authorization processes.