Identity and access management technologies and services are used to increase security by ensuring that applications and the data they contain are not accessed inappropriately. These services also aid productivity by ensuring that those with the appropriate access rights assigned to them can access the resources they need efficiently as and when needed.
Identity and access management technologies and services have been evolving since their introduction in the 1990s. Many vendors developed capabilities for facilitating and controlling access to enterprise applications provisioned on the internal networks of organisations. They were often provided as suites of products and services that interfaced with the identity stores commonly used to store details about employees’ identities. However, implementing such systems was a complex and expensive task that could take many months, if not years, to complete. They were also mostly designed for larger organisations.
In the past four to five years, identity and access management technologies and services have seen considerable evolution and innovation. Today, they are used to broker access not just to internally provisioned applications, but also to the multitude of services and applications provided by external parties as web-based applications, as software-as-a-service (SaaS) subscriptions in the cloud, and via mobile devices. Such services place the emphasis on ease of use and implementation and can scale from the smallest micro-firm to multinational enterprises and agencies, making them suitable for use by any organisation, no matter its size or line of business.