April 24, 2008

CISSP All-In-One Study Guide: Identity Management

The industry as a whole has an increasing need to understand and implement identity management (IdM) solutions. Regulations and laws require dependable accountability, which is driving demand for the necessary IdM products and processes. The components required for an enterprise IdM solution are so complex that many security professionals have to specialize and become experts in just this type of technology.
 
The following are many of the common questions enterprises deal with today in controlling access to assets:

  • What should each user have access to?

  • Who approves and allows access?

  • How do the access decisions map to policies?

  • Do former employees still have access?

  • How do we keep up with our dynamic and ever-changing environment?

  • What is the process of revoking access?

  • How is access controlled and monitored centrally?

  • Why do employees have eight passwords to remember?

  • We have five different operating platforms. How do we centralize access when each platform (and application) requires its own type of credential set?

  • How do we control access for our employees, customers, and partners?

  • How do we make sure we are compliant with the necessary regulations?

Identity management is a broad and loaded term that encompasses the use of different products to identify, authenticate, and authorize users through automated means. To many people, the term also includes user account management, access control, password management, single sign-on functionality, managing rights and permissions for user accounts, and auditing and monitoring of all of these items. Individuals and companies have different definitions and perspectives of identity management (IdM) because it is so large and encompasses so many different technologies and processes.

Remember the story of the four blind men who are trying to describe an elephant? One blind man feels the tail and announces, “It’s a tail.” Another blind man feels the trunk and announces, “It’s a trunk.” Another announces it’s a leg, and another announces it’s an ear. This is because each man cannot see or comprehend the whole of the large creature—just the piece he is familiar with and knows about. This analogy can be applied to IdM because it is large and contains many components, and many people may not comprehend the whole—only the component they work with and understand, proven incapable of keeping up with complex demands and thus has been replaced with automated applications rich in functionality that work together to create an identity management infrastructure.

The main goals of identity management (IdM) technologies are to streamline the management of identity, authentication, authorization, and the auditing of subjects on multiple systems throughout the enterprise. The sheer diversity of a heterogeneous enterprise makes proper implementation of IdM a huge undertaking.

Many identity management solutions and products are available in the marketplace. The following are the types of technologies that make up IdM solutions:

  • Directories

  • Web access management

  • Password management

  • Legacy single sign-on


The Shon Harris CISSP course covers all of the above technologies and how they fit together across the enterprise.

