Identity management (ID management) is a broad administrative area that deals with identifying individuals in a system (such as a country, a network, or an enterprise) and controlling their access to resources within that system by associating user rights and restrictions with the established identity.
At the most basic level, identity management involves defining what users can do on the network with specific devices and under what circumstances. Today, many security products emphasize managing mobile access to corporate systems. In an enterprise setting, identity management is used to increase security and productivity, while decreasing cost and redundant effort.
For security reasons, identity management tools should run as an application on a dedicated network appliance or server, either on-premises or in the cloud. At the core of an identity management system are policies defining which devices and users are allowed on the network and what a user can accomplish, depending on their device type, location and other factors. All of this also depends on appropriate management console functionality, including policy definition, reporting, alerts, alarms and other common management and operations requirements. An alarm might be triggered, for example, when a specific user tries to access a resource for which they do not have permission. Reporting produces an audit log documenting what specific activities were initiated.
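The policy, alarm and audit-log behavior described above can be sketched as a default-deny policy check. This is an added example, not code from any identity management product; the Rule, Request and PolicyEngine names, the role and resource names, and the sample policy are all hypothetical.

```python
from dataclasses import dataclass
from datetime import datetime, timezone

@dataclass(frozen=True)
class Rule:
    role: str                 # directory group the rule applies to
    resource: str
    device_types: frozenset   # device classes allowed to reach the resource
    locations: frozenset      # network locations allowed to reach it

@dataclass(frozen=True)
class Request:
    user: str
    role: str
    resource: str
    device_type: str
    location: str

class PolicyEngine:
    def __init__(self, rules):
        self.rules = list(rules)
        self.audit_log = []   # every decision, allow or deny
        self.alarms = []      # denied attempts only

    def evaluate(self, req):
        """Default deny: allow only if one rule matches every attribute."""
        granted = [r for r in self.rules
                   if r.role == req.role and r.resource == req.resource]
        if not granted:
            reason = "no-permission"
        elif not any(req.device_type in r.device_types for r in granted):
            reason = "device-not-allowed"
        elif not any(req.device_type in r.device_types
                     and req.location in r.locations for r in granted):
            reason = "location-not-allowed"
        else:
            reason = "allowed"
        entry = {"time": datetime.now(timezone.utc).isoformat(),
                 "user": req.user, "resource": req.resource,
                 "device_type": req.device_type, "location": req.location,
                 "decision": reason}
        self.audit_log.append(entry)       # reporting: record every request
        if reason != "allowed":
            self.alarms.append(entry)      # alarm: surface denied attempts
        return reason == "allowed"

# Constructed sample policy (hypothetical roles, resources and locations)
RULES = [
    Rule("finance", "payroll-db", frozenset({"managed-laptop"}), frozenset({"office", "vpn"})),
    Rule("staff", "intranet", frozenset({"managed-laptop", "byod-phone"}), frozenset({"office", "vpn", "home"})),
]
```

Recording the denial reason in each entry lets an operator tell a user with no entitlement to the resource apart from an entitled user on the wrong device or network.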
Many identity management systems offer directory integration, support for both wired and wireless users and the flexibility to meet almost any security and operational policy requirement. Because BYOD is so strategic today, time-saving features such as automated device onboarding and provisioning, support for a variety of mobile operating systems and automated device status verification are becoming common.
See also: identity chaos