In this week’s article, we continue the series of posts where we examine the top features to look for in a modern identity and access management system. We have started with access management, but plan on doing later installments on identity management and data stores. If you have any questions or comments, feel free to send us your thoughts at firstname.lastname@example.org and maybe you’ll change our minds on the order!
For maximum excitement and anticipation, we have gone with a top 20 list and will do 5 entries per post. Think you know the top 5? Let us know and there could be a prize in it for the people who guess the order correctly. Having shared 20 through 16 last time, here are the next 5:
- Role, group, and attribute-based authorization model
Access management tools should be able to support a vast array of authorization models that could be used within the enterprise. While most of the tools support RBAC, these tools should ideally also support other commonly used models such as group membership and attribute-based authorizations.
- Dynamic authorization model
Dynamic authorization support provides organizations a flexible set of policies that can leverage external services and data not in the user store to make authorization decisions.
- Seamless integration
Access management tools should provide a broad set of application and identity federation integration options. Those features allow organizations to seamlessly secure applications and services while providing the best user experience possible.
- Session management
Full lifecycle session management is critical to protecting user sessions from attack. Features such as federated Single Logout Out (SLO) ensure that sessions are terminated across identity, resource, and service providers.
For access management platforms to provide a broad and robust security framework, the tool must support multifactor authentication mechanisms. Multifactor can be used for requirements such as providing additional layers of protection for critical resources and increasing the user validation requirements for high risk users.
As always, we hope that you have found this information useful. If you need IAM assistance, reach out to SIS today and we would be happy to assist you. And subscribe to our newsletter to be notified about the posting of future articles and other SIS news.