Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

ID Management 101: An Executive Guide to ID Management

Providing IT managers with ID Management tools and technologies for controlling user access to critical information within an organisation.
Page:

What is identity management?

Identity management is a term that refers broadly to the administration of individual identities within a system, such as a company, a network or even a country. In enterprise IT, identity management is about establishing and managing the roles and access privileges of individual network users. ID management systems provide IT managers with tools and technologies for controlling user access to critical information within an organisation.

The core objective of an ID management system in a corporate setting is this: one identity per individual. But once that digital ID has been established, it has to be maintained, modified and monitored throughout what has been called the “access lifecycle.” So ID management systems provide administrators with the tools and technologies to change a user's role, to track user activities and to enforce policies on an ongoing basis. These systems are designed to provide a means of administering user access across an entire enterprise and to ensure compliance with corporate policies and government regulations.

The list of technologies that fall under this category includes password-management tools, provisioning software, security-policy enforcement applications, reporting and monitoring apps, and identity repositories. Nowadays, these technologies tend to be grouped into software suites with assortments of additional capabilities, from enterprise-wide credential administration to automated smart-card and digital-certificates management.

The ID management buzz phrase of the moment is “identity lifecycle management.” The concept encompasses the processes and technologies required for provisioning, de-provisioning, managing and synchronising digital IDs, as well as features that support compliance with government regulations. Technologies that fall under the ID lifecycle-management rubric include tools for security principal creation, attribute management, identity synchronisation, aggregation and deletion.

Why should I care about identity management?

ID management is inextricably linked to the security and productivity of any organisation involved in electronic commerce. Companies are using ID management systems not only to protect their digital assets, but also to enhance business productivity. The systems' central management capabilities can reduce the complexity and cost of an essential process. The centralised access control also supports consistent security policy enforcement.

ID management systems also give organisations a way to control the swarm of untethered endpoints — laptops, PDAs and mobile phones — buzzing around the enterprise. Many of these devices are neither owned nor provisioned by the companies whose networks they need to access. The ability to enforce a set of policies on the devices that connect with the network through the management of the identities of the users of those devices is fast becoming a must-have security capability.

And besides, the government says you have to care about identity management. In 2005 lawmakers began making moves to put the onus for safeguarding customer info squarely on the shoulders of the enterprise. Sarbanes-Oxley, Gramm-Leach-Bliley, HIPAA — each holds the company, in various ways, responsible for controlling access to customer and employee information.

Page:

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

Comments

1

Anonymous

Mon 31/08/2009 - 16:44

can any one say tripple 6 is hear and on the way every one who reads this should just say no

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the CIO comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: exec series 101, access control, identity management, id management, networking, security
Latest Blog Posts
Whitepapers
  • Case Study: Keeping information on the move: Clearswift protects Maman, the logistics experts
    Time is money. Every minute a consignment is held up in transit costs money and causes problems. Web and email are mission critical business tools that enable Maman, and their customers, to efficiently collaborate with partners across the globe. Spam, and other web based threats can result in delays that ultimately lead to missed deadlines - keeping the lines of communication open is therefore a key priority for Maman. Read on.
    Learn more »
  • Why performance management? A guide for the midsize organisation
    Midsize organisations are uniquely positioned to take advantage of a performance management approach to business. Compared with larger companies, they have more agility to bring information and people together and respond faster to changing market conditions. With one performance management solution, midsize companies can turn disconnected data into information, turn information into valuable insight and turn insight into action.
    Learn more »
  • NetScaler 2048-bit SSL performance advantage
    Citrix® NetScaler® provides advanced layer 4-7 traffic management and load balancing. Like other leading Application Delivery Controllers (ADCs), NetScaler can offload computationally expensive SSL processing responsibilities from web and application servers to speed the delivery of SSL-protected applications. Learn more.
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.
Recent comments