Identity Governance and Access Management (IAM) is one of the main domains of sofision llc. For practical IAM consulting extensive capabilities are required. In order to promote access and authorization efficiently, a deep affinity for business requirements, concepts and data models is necessary. However, a broad range of IT know-how is essential as well. This is important in order to communicate at same level with the relevant stakeholders and leverage ideas. With extensive practical experiences sofision llc is the perfect partner for professional service and consulting all around Identity and Access Management.
Around the following topics you are in good hands with sofision llc
- Access Provisioning
- Master data provisioning
- Recertification
- Segregation of duty
- Role concepts
- Priviledged Identity and Access Management
- Authentication
- Authorization
As a domain of security, the capabilities of identity and access management as a business driver are often underestimated. A strong positioned IAM significantly increases the agility of the company and helps to achieve consistency and clear structures as well. In any case, the topic must be assigned an appropriate status in IT strategy. Automation and clever consolidation of user interactions is an integral part of IT governance. The ability to trace person related data flows and accesses, is also a matter of credibility.
IAM is traditionally divided into the following two main topics. Although there are numerous examples of blurring the border between the two fields and future requirements will make the separation more and more difficult, considerable different skills are need to meet the requirements of this two major disciplines.
Identity und Governance Management or simply Identity Management, is focused on the integration of target systems. A variety or technologies and the automation of process flows are the main topic. Essential tasks are processed asynchronously in the background, which usually makes these systems only moderately critical in terms of availability. However, because of its significant impact on target systems, Identity Management is highly critical in terms of integrity and business continuity. More on this: Identity Management
Access Management focuses primarily on authentication. Basically technologies such as OIDC, SAML, Kerberos, SSL etc. are in the focus. If you implement Access Management, you will have to deal deeply with firewall rules, reverse proxy configurations, network protocols and SSL certificates. The availability of access management is highly critical, as the target applications are no longer reached in the event of a failure. The criticality of security is also extremely high, as it is usually exposed to the public as access control of the company. More: Access Management
