Definition
Identity and Access Management (IAM) encompasses the policies, processes, and technology for managing digital identities (users, devices, services) and controlling access to enterprise resources. Its core capabilities are identity lifecycle management (provisioning, deprovisioning, role changes), authentication (SSO, MFA), authorization (role-based or attribute-based access control), federation (cross-organization identity), and governance (access reviews, segregation of duties). Major enterprise IAM platforms include Microsoft Entra ID (formerly Azure AD), Okta, Ping Identity, and SailPoint. Strong IAM is the foundation for Zero Trust, ZTNA, and SSE: every modern security architecture depends on accurate, fresh identity data and clean group membership.
Related terms
- MFA (Multi-Factor Authentication) - Authentication requiring two or more independent factors (something you know, have, or are).
- SSO (Single Sign-On) - Authentication that lets a user log in once and access multiple applications without re-authenticating.
- PAM (Privileged Access Management) - Specialized identity and access controls for accounts with elevated privileges (admin, root, service accounts).
- ZTNA (Zero Trust Network Access) - Identity-driven, application-level access to internal apps - the modern replacement for VPN.
- Zero Trust - A security model based on "never trust, always verify" - every access request is authenticated, authorized, and encrypted regardless of network location.