We completed a four-part blog series about Identity and Access Management (IAM). By now, one thing is clear: for an IAM to work in any enterprise, we must have an interoperable set of standards-based identity, authorization, and authentication tools couple with emerging standards.
Today, standards from the World Wide Web Consortium (W3C), the FIDO Alliance, the OpenID Foundation (OIDF), the Internet Engineering Task Force (IETF), the Organization for the Advancement of Structured Information Standards (OASIS) and the National Institute of Standards and Technology (NIST) help form a foundation that extends across the web to address authentication, authorization, federation, account management and government regulations emerging worldwide.
Our Identity and Access Management series identifies that getting an organization to design Identity architecture with the identity standards discussed above will come with a few bumps in the road. There is a solid group of standards aiming at actual enterprise issues in need of solutions.
We want to define an enterprise-accepted future state architecture that we can tie back to the issues, and associated requirements to what assessment identifies. Once we define these issues, we can develop a roadmap to implement solutions in a cost-effective, time-effective, and security-focused IAM infrastructure.
Part 1, Planning IAM’s Success for Enterprises and Consumers in Cloud and Digital Transformation Era— We discuss how IAM looked a decade ago and then how Federation delegates authentication and removes the siloed app authentication repositories.
Part 2, Using Claim Based Authentication for Identity and Access Management— We explore Claim Based Authentication (CBA) in more detail. We talk about token, claims, and discussed the types of applications. We also note that CBA is more complicated by implementation but is also more secure than authentication mechanisms of the past.
Part 3, Using Microsoft for Hybrid Identity Options in Your IAM Environment— We look at Microsoft’s hybrid identity stack to point out modern identity’s complexity, and the challenges organizations face today. We concluded that the answer to handling the complexity requires a thoughtful and well-designed approach for any IAM project.
Part 4, Addressing the Complexity of IAM Solutions for Organizations— We address why assessing your IAM environment is one of the most critical tasks in today’s digital transformation era. It is essential that enterprises design, configure, and architect their modern IAM solutions per Identity standards and make sure that they secure their design.