You may remember the bouncer from your college days: the big guy who checks your
ID at the door who determines whether you are who you claim to be and that you
meet the criteria to enter (authentication and authorization in IT jargon). If
you try to enter and you haven't shown that you are who you claim to be, or you
don't meet the criteria, you get bounced. That's pretty much what identity management
used to be -- the bouncer at the IT door; the guard at the IT gate.
Today, identity management is a lot more. Oh, it's still got the muscle to
guard the gate. But given the right set up, the bouncer at your IT door has
got as much brain power as brawn. The trick is to let the bouncer use it!
Identity management solutions have evolved to encompass all of the processes,
practices, and tools utilized to govern the complete lifecycle of digital identities.
They now provide a variety of important functions to consolidate identity information
and centralize identity management while automating identity, password, and
compliance management tasks.
Identity management solutions can consolidate identity information into a single
identity data repository, greatly simplifying management. This information presents
a comprehensive, consolidated view of users. As a result, IT can use this to
answer the fundamental question, "Who are the users?"
Centralizing identity management tasks is also important. This lets IT control
and enforce access privileges from a central point based on roles and business
policies. IT can then answer the question, "Who has access to what?"
Centralization helps increase administrator productivity because administrators
no longer have to juggle multiple user accounts on different systems.
That's not all: a well-architected identity management solution should automate
user administration and access provisioning through automated rule- and role-based
management of user accounts on enterprise systems. This grants access to new
users based on their roles in the organization. It also grants immediate role-based
access to newly deployed IT resources. In addition, this provides the capability
to change user access rights when users change roles. Furthermore, it revokes
access when users terminate their relationships with the organization. Yes,
the identity management solution watches the IT door very carefully.