Tuesday, 30 September 2008

The Identity and Access Management Scenario

Note: there is a separate Identity and Access Management Summit.

A set of processes and technologies to manage:

  • Users' digital identities
  • The relationship to civil identity
  • Users' access to systems and the information they contain

Identity: user lifecycle management. Access model: role life cycle management. Identity lifecycle consumes roles from access model. Workflow that passes roles to user lifecycle has a lifecycle itself. All this is done to reduce risk (how does the security framework affect the workflows).

Security efficiency; security effectiveness; business enablement.

Interesting that, when talking about the value of IAM, the first thing the speaker mentioned was attracting and retaining customers—that is exactly what we're doing when we use UIM to help with PGA.

Value:

  • Attract and retain customers
  • Improve critical business processes and workflows
  • Maximise performance and profitability

IAM Program Maturity

Non-existent

Initial

Developing

Defined

Managed

Optimizing

4%

10%

40%

28%

15%

4%


 

Does indicate the importance of process definition before applying IAM to that process. We need to work out what process definition we need to do for students during the registration process (and during the application process) to give them the access they need.

No comments: