Identity and Access Management as a Service

Why Trust Techopedia

What Does Identity and Access Management as a Service Mean?

Identity and access management as a service (IDaaS or IAMaaS) refers to web-delivered services that create and control access levels for individual users. This is one of the many types of cloud services now offered by cloud vendors.

Advertisements

Techopedia Explains Identity and Access Management as a Service

Identity and access management as a service builds on the basic idea of software as a service (SaaS) that started in recent years, as vendors were able to effectively “stream” services over the Web rather than provide them as licensed software packages, such as in CDs and boxes.

Vendors started offering a wider range of cloud-delivered SaaS products, such as platform as a service (PaaS), communications as a service (CaaS) and infrastructure as a service (IaaS). Network virtualization and the abstraction of hardware into logical tools further accelerated this development.

In today’s complex environment, IAMaaS helps companies set up customized levels of security for an IT architecture, either as a whole or in parts. The essential idea is that a third-party service vendor sets up user identities and determines what these individual users can do within a system. Like the old identity and access management tools, the way these services work is through a complicated process of tagging and labeling individual users and user behaviors, and then creating a detailed security authentication for them. IAMaaS is even more applicable to companies that allow employees to use or bring their own devices for work. In many cases, the use of different devices requires tighter security to protect trade secrets and other confidential information.

One benefit of IAMaaS to the industry is that companies have the choice of creating a blanket system either for the entire architecture or for just one part. Some IT experts caution businesses that may only want to provide IAMaaS for cloud-related services, where the “legacy applications” in place do not have the same levels of control. These experts point out that, in some cases, leaving some of those areas relatively open can create major vulnerabilities.

Advertisements

Related Terms

Margaret Rouse
Technology Specialist
Margaret Rouse
Technology Specialist

Margaret is an award-winning writer and educator known for her ability to explain complex technical topics to a non-technical business audience. Over the past twenty years, her IT definitions have been published by Que in an encyclopedia of technology terms and cited in articles in the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine, and Discovery Magazine. She joined Techopedia in 2011. Margaret’s idea of ​​a fun day is to help IT and business professionals to learn to speak each other’s highly specialized languages.