IDENTITY & ACCESS MANAGEMENT

Identity and Access Management (IAM) refers to the systems and processes that enable an organization to securely manage user "identities" and their access rights to various resources.

Core Components of IAM
    1.    Identity Management 
        o    Creating and managing user accounts.
        o    Storing user information such as name, position, and role.
    2.    Access Management 
        o    Defining who can access which systems, applications, or data.
        o    Utilizing policies such as Role-Based Access Control (RBAC) or Attribute-Based Access Control (ABAC).
    3.    Authentication 
        o    Verifying who the user is (e.g., password, OTP, Biometrics).
    4.    Authorization 
        o    Checking what the authenticated user is permitted to do (e.g., Read, Edit, Delete).
    5.    Audit & Compliance 
        o    Logging user activities for security purposes and regulatory compliance.

Benefits of IAM
    •    Prevents unauthorized access to data.
    •    Reduces the risk associated with compromised user accounts.
    •    Streamlines and speeds up user permission management.
    •    Supports auditing for compliance with standards such as ISO 27001 and GDPR.