Identity & Access ManagementAlso called: "IAM program"
IAM unifies how people and services prove who they are and what they can do.
Building blocks
- Central directory of users, groups, and service principals.
- Authentication flows such as single sign-on (SSO) and multi-factor authentication (MFA).
- Authorization policies enforced through roles, attributes, or context.
- Audit trails and attestation workflows for compliance.
Maturity cues
- Automated provisioning and deprovisioning linked to HR events.
- Periodic access reviews with approval trails.
- Fine-grained policies that adapt to device health and location.
Explore More Identity & Access Management
View all termsAuthentication vs Authorization
Authentication verifies who you are, while authorization determines what you can do.
Read more →Multi-Factor Authentication (MFA)
An authentication method that requires users to provide two or more verification factors to gain access.
Read more →Privileged Access Management (PAM)
A framework for securing and auditing accounts with elevated permissions, such as admins, service accounts, and break-glass users.
Read more →Session Management
The process of securely maintaining user state and authentication across multiple HTTP requests.
Read more →