Sailpoint IAM training
By www.itjobzone.biz
Identity And Access Management (IAM) overview
ITJobZone.biz - Private
What is Identity and Access Management?
• Set of processes and a supporting infrastructure for the creation, maintenance and use of digital identity
• Identity centric approach to enterprise security
• Identification, authentication and authorization
• Administration mechanisms for user accounts and passwords
• Role-based design
• Supports delegated administration
• Supports audit logging and reporting
Key business drivers of IAM
Improved security
• Enforce enterprise risk management policies
• Manage user access privileges
• Protect sensitive information resources
Business enablement
• Improve user experience
• Enable collaboration with business partners
• Reduce time-to-market
Operational efficiency
• Reduce administrative costs
• Reduce audit costs
• Standardize IAM infrastructure
• Contain development costs
Audit and compliance
• Regulatory compliance
• Audit management
Identity & Access Management
Five Pillars of IAM domain:
• Identity Management
• Access Management
• Privilege Identity Management
• Access Governance
• Directory Services
Access Management
Access management refers to the processes used to control who has access to specific information assets.
►Providing the capability to request specific entitlements and/or roles
►Implementing workflow processes for approving the granting of entitlements and/or roles to a user
►Providing the ability to modify or remove the entitlements and/or roles assigned to a user
►Managing the association of entitlements to roles
►Associating entitlements and roles to job functions
►Providing the ability to review, remove, approve and certify the entitlements and/or roles assigned to users
►Providing the ability to review and audit historical access
I-A-A-A
[Diagram: Identification, Authentication, Authorization, Accountability, Resource]
Core IAM services
[Diagram: Identification, Authentication, Authorization, Administration, Audit, Protected Resource]
Benefits of core IAM services
1. Identification: Improve registration process controls, management of user identity and associated account data
   – Employees, contractors, business partners, and customers
2. Authentication: Efficient, policy-based management of user logon to enterprise application and system resources
3. Authorization: Rationalized process and technical controls over user access to information resources; balancing compliance, risk management, cost, and business factors
4. Administration: Streamlined, standardized user administration processes, improving efficiency and reducing operations costs
5. Audit: Reduce the cost and effort required to demonstrate control effectiveness and maintain compliance
   – Facilitate business and IT collaboration through a common risk and compliance framework
IAM key components and services
[Diagram: Employee, Customer, Business Partner; Authoritative Source; Identity Repository; User Provisioning; Business Events/Triggers; Attributes; Access Management; Applications and Users; Enterprise Identity Role Architecture; Protection]
Identity Management
Identity management refers to the processes associated with managing the entire lifecycle of digital identities and profiles for people, process and technology.
►Establishing unique identities and associated authentication credentials
►Provisioning of new user accounts
►Management of identity data and credentials
►Creating workflow processes for approving account creation and modification
►Providing the ability to modify, suspend or remove accounts
►Auditing and reporting of user identity information
IAM components — Authoritative Source
An Authoritative Source is an authorized origination point for user identity information.
Key components
• Source applications and data
• Resource data quality
• Business process support capabilities
Key considerations
• Existing resource data
• Business process efficiency, effectiveness, and control
• Data completeness and accuracy
• Data ownership
• Organizational readiness
Example scenario
[Diagram, shown over three slides. Labels: HR Admin, Create new user, Authoritative Source, Identity Management System, Identity Repository, Access Management System, Managed Resources]
Example scenario
[Diagram: User, Authentication ("Who are you?"), Authorization ("What can you Access?"), Protected Resource(s)]
1. User initiates access to a protected resource
2. User credentials are evaluated to prove identity
3. User profiles are evaluated to determine access
4. Authorized users gain access to information resource
IAM Services — Role based access control
• An access control mechanism which limits resource access (system, application etc.) based on the user's job functions.
• A user is assigned one or more roles, which in turn provide access to information systems, based on his or her job responsibilities.
[Diagram: Role establishment, Role usage, Role Certification, Role maintenance]
IAM services — User Access Certification
User access certification (UAC) is the periodic validation of actual entitlements (or privileges) on an application granted to a user (employee/contractor/third party).
[Diagram: 1. Top Down Analysis; 2. Data Collection; 3. Data Correlation & Analysis; 4. Certification (Certify / Revoke); 5. Remediation (Manual / Automated). Other labels: IT team/Application Owners, Business Managers, Applications, Role Implementation, Operationalize]
(By leveraging Roles, more value can be derived from User Access Certification)
The User Access Certification process consists of three main phases — an Application On-Boarding phase, a Certification phase and a Remediation phase.
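An added example (not part of the original slides, and not SailPoint code) of the Data Correlation & Analysis, Certification and Remediation steps: entitlements collected from an application are compared with what each user's roles grant, and only the exceptions go to a reviewer to certify or revoke. All role, user and entitlement names are constructed, and the fail-closed handling of undecided items is an assumption of this sketch.

```python
from collections import defaultdict

# Constructed sample data (hypothetical roles, users and entitlements).
ROLE_ENTITLEMENTS = {
    "ap_clerk": {"erp:invoice.create", "erp:invoice.view"},
    "ap_approver": {"erp:invoice.view", "erp:invoice.approve"},
}
USER_ROLES = {"alice": {"ap_clerk"}, "bob": {"ap_approver"}, "carol": set()}

# Entitlements actually present on the application (data collection step).
ACTUAL = [
    ("alice", "erp:invoice.create"),
    ("alice", "erp:invoice.view"),
    ("alice", "erp:invoice.approve"),   # not granted by any of alice's roles
    ("bob", "erp:invoice.view"),
    ("carol", "erp:invoice.view"),      # carol holds no role at all
    ("dave", "erp:invoice.create"),     # account with no known identity
]


def correlate(actual, user_roles, role_entitlements):
    """Split each account's actual entitlements into role-backed and exceptions."""
    report = defaultdict(lambda: {"role_backed": set(), "exception": set(),
                                  "orphan": False})
    for user, ent in actual:
        row = report[user]
        if user not in user_roles:
            row["orphan"] = True          # no identity record: always an exception
            row["exception"].add(ent)
            continue
        expected = set().union(*(role_entitlements[r] for r in user_roles[user]))
        (row["role_backed"] if ent in expected else row["exception"]).add(ent)
    return dict(report)


def remediation(report, decisions):
    """Return (user, entitlement) pairs to revoke.

    Exceptions need an explicit "certify" decision from the reviewer;
    anything left undecided is revoked (fail closed).
    """
    return sorted(
        (user, ent)
        for user, row in report.items()
        for ent in row["exception"]
        if decisions.get((user, ent)) != "certify"
    )
```

Role-backed entitlements are skipped at the user level here on the assumption that the role itself is certified separately, which is where roles reduce the reviewer's workload.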
Thank You
Learn Sailpoint Online
From ITJobZone.biz
http://itjobzone.biz/Sailpoint-training.html
+91 9986072268
contact@itjobzone.biz
www.itjobzone.biz
