IAM, IGA, PAM, IM e AM let’s make order

Articles

  • IAM

IAM, IGA, PAM, IM e AM let’s make order

IAM, IGA, PAM, IM, and AM are acronyms that refer to cybersecurity software dedicated to identity management, access privileges, and provisioning. For those not experienced in the field, these acronyms can seem like a real maze at first. However, it is crucial to understand that they do not represent the same thing.

IAM (Identity and Access Management)

Identity and Access Management (IAM) is a set of technologies that regulate authentications, authorizations, identity management, analysis, and monitoring within an organization. IAM consists of two main parts: Identity Management (IM) and Access Management (AM). Furthermore, what it manages can be divided into 5 functions:

  • – Authentication ensures that users prove who they claim to be.
  • – Authorization ensures that users, once authenticated, have access only to the resources they are entitled to.
  • – Administration allows managing the lifecycle of users’ identities and accesses according to company policies.
  • – Analysis detects improper accesses and evaluates the needs for risk assessment.
  • – Audit verifies the correctness of assigned authorizations and compliance with company policies and procedures.

IM (Identity Management)

Within IAM technologies, we can finally identify two distinct branches: those dedicated exclusively to identity management (IM) and those focused solely on access (AM).

The former focuses on registering users’ identities and verifying their identity when accessing resources.

AM (Access Management)

In the second case, Access Management systems ensure access to resources and perform checks on the accesses themselves.

IGA (Identity and Governance Administration)

Identity Governance and Administration (IGA) systems go a step further than IAM systems. They are a combination of software for access and identity management, with the aim of ensuring the application of policies and regulations during the process.

In an ideal model, an IGA software includes the functions of an IAM software but additionally allows controlling the adherence to the policies of implemented processes.

PAM (Privileged Account Management)

Privileged Account Management (PAM) is a technology designed to provide access, even temporary, to individuals with privileged credentials. Imagine the case of a system administrator who needs to access a machine to perform maintenance.

In this context, PAM intervenes by providing temporary credentials with a predefined duration and the minimum possible privilege, allowing the person to perform necessary maintenance actions while minimizing security risks. At the end of the established period, the credentials are automatically deleted.

In conclusion, while the acronyms IAM, IGA, PAM, IM, and AM may seem similar and interchangeable, each of them represents a specific aspect of corporate cybersecurity related to access to digital resources. Understanding the differences between them is crucial to implement a comprehensive and robust cybersecurity strategy that protects the organization’s resources from external and internal threats and attacks.

< Back to the blog