Identity management is a term that broadly describes the technologies needed to administer the identities of the members of a group on a computer system. The group can be anything from a small business to a large multinational corporation.
In a large corporation, identity management deals with establishing employee identities and defining each employee's access privileges for different parts of the corporate network. Well-implemented identity management is important in helping corporations keep sensitive information from getting into the wrong hands.

The identity lifecycle

Employees in corporations often have constantly evolving roles. It isn’t enough for an identity management system to provide identification and issue access privileges once. As employee roles change, access privileges need to keep up, too. The constant maintenance process that keeps an employee’s identity updated over their time at a company is called identity lifecycle management.
Software that takes care of identity lifecycle management usually has modules for password management, database management, security enforcement and monitoring. Modern identity lifecycle management technologies are delivered in software suites that include digital certificate administration, credential management and smart card management.

Why does one need identity lifecycle management?

Identity management is an inseparable part of modern business security, especially in organizations that deal in electronic commerce. Companies use these systems to protect themselves and to enhance productivity.

Professionals in charge of IT departments at corporations don’t just need to be familiar with identity lifecycle management software to keep track of employees and company-provided computers. They also need this technology to administer the personal computers and devices that employees bring to work and connect to the company network.

Government rules require that corporations set up identity management software, too. Major ID database thefts at corporations like ChoicePoint and Bank of America in 2005 brought in new laws that require corporations to keep better control over their identity databases.

How does an identity lifecycle management system work?

Identity management systems are usually built out of four basic components:

• An identity database.
• Tools to add, remove or modify individual entries.
• An enforcement system that makes sure that people don’t get on the company system unless they have credentials.
• A monitoring system that makes sure that no unauthorized access takes place.
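
The four components above, together with the role-change maintenance described under the identity lifecycle, can be sketched in a few lines. This is an added example, not code from the original article or from any vendor product; the role names, resource names and the `IdentityStore` class are constructed for illustration.

```python
from dataclasses import dataclass, field

# Constructed role-to-entitlement policy (hypothetical names).
ROLE_ENTITLEMENTS = {
    "sales": {"crm", "email"},
    "finance": {"ledger", "payroll", "email"},
}

@dataclass
class IdentityStore:
    """Identity database plus the tools that add, modify and remove entries."""
    grants: dict = field(default_factory=dict)  # user -> set of entitlements
    audit: list = field(default_factory=list)   # trail read by monitoring

    def join(self, user, role):
        self.grants[user] = set(ROLE_ENTITLEMENTS[role])
        self.audit.append(("join", user, role))

    def move(self, user, new_role):
        """Role change: revoke what the new role does not justify, add the rest."""
        target = ROLE_ENTITLEMENTS[new_role]
        revoked = self.grants[user] - target
        added = target - self.grants[user]
        self.grants[user] = set(target)
        self.audit.append(("move", user, new_role))
        return revoked, added

    def leave(self, user):
        self.grants.pop(user, None)
        self.audit.append(("leave", user))

    def check(self, user, resource):
        """Enforcement: deny by default and log every decision."""
        allowed = resource in self.grants.get(user, set())
        self.audit.append(("allow" if allowed else "deny", user, resource))
        return allowed

    def denied(self):
        """Monitoring: access attempts that enforcement refused."""
        return [e for e in self.audit if e[0] == "deny"]

def demo():
    """Joiner, mover, leaver: access follows the role at each stage."""
    store = IdentityStore()
    store.join("alice", "sales")
    before = store.check("alice", "crm")
    revoked, added = store.move("alice", "finance")
    after = store.check("alice", "crm")
    store.leave("alice")
    gone = store.check("alice", "email")
    return before, revoked, added, after, gone, store.denied()
```

Without the revoke step in `move`, the old sales access would stay attached to the account after the transfer, which is the gap lifecycle management exists to close.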

The specific ways in which identity administration takes place can depend on the company. Most companies use a combination of user passwords, smart cards and digital certificates.

Federated Identity Management systems are the most versatile

Simple identity management systems only allow users to sign on when they have identification records in the database. In many situations, though, businesses may need to sign on people who belong to other trusted networks, as well. Facebook would be a simple example. If you have a Facebook ID, a federated identity management system on an online shopping website may allow you to use your Facebook ID for your shopping needs. Being able to share identity information with other businesses can give an enterprise considerable flexibility. When searching for federated identity management systems, businesses usually choose from major vendors like IBM and CSC.

Usually, implementation of an identity management system is done by third-party consultants.

Charles Talley is a computer security officer for a small company in the city. An avid blogger, he likes to share his findings with others by posting on the Web.
