In this week’s article, we begin a series of posts in which we examine the top features to look for in a modern identity and access management system. We will start with access management (AM), but plan on doing later installments on identity management and directories. If you have any questions or comments, feel free to send us your thoughts at firstname.lastname@example.org and maybe you’ll change our minds on the order!
To keep things interesting, we have gone with a top 20 list and will do 5 entries per post. Think you can guess the top 5? Let us know and we’ll see how many people manage to guess the order correctly.
To resolve customer issues faster, impersonation of client users by help desk personnel is an extremely powerful tool. Being able to operate as the client user, or impersonate them, cuts through the normal data collection activities and makes debugging issues much easier.
- Migration between environments support
When using best practices, an organization would, at a minimum, use multiple environments for development, testing, and production. Promoting configurations from one environment to the next in an automated fashion makes that process easier and less likely to include human errors.
- Log aggregation or correlation support
In a world where data is critical for a variety of activities, a tool that allows for the sending of log data to various interfaces is key. Files, databases, and other interfaces (like syslog) should be supported.
- Monitoring support
Beyond having its own UI and possibly supporting SNMP, the product should also relay useful metrics for monitoring. Information on activities like total authentications per resource, failed authentications, and unknown user attempts should available or easily derived.
- Audit support
Possibly higher on many people’s lists, audit is central to important functions like reporting, compliance, and investigations (ranging from system debugging to criminal prosecutions). Your access management system should be able to collect and store variable amounts of data in a variety of locations and repositories.
As always, we hope that you have found this information useful. If you need IAM assistance, reach out to SIS today and we would be happy to assist you. And subscribe to our newsletter to be notified about the posting of future articles and other SIS news.