Identity and Access Management as a Service

Why Trust Techopedia

What Does Identity and Access Management as a Service Mean?

Identity and access management as a service (IDaaS or IAMaaS) refers to web-delivered services that create and control access levels for individual users. This is one of the many types of cloud services now offered by cloud vendors.


Techopedia Explains Identity and Access Management as a Service

Identity and access management as a service builds on the basic idea of software as a service (SaaS) that started in recent years, as vendors were able to effectively “stream” services over the Web rather than provide them as licensed software packages, such as in CDs and boxes.

Vendors started offering a wider range of cloud-delivered SaaS products, such as platform as a service (PaaS), communications as a service (CaaS) and infrastructure as a service (IaaS). Network virtualization and the abstraction of hardware into logical tools further accelerated this development.

In today’s complex environment, IAMaaS helps companies set up customized levels of security for an IT architecture, either as a whole or in parts. The essential idea is that a third-party service vendor sets up user identities and determines what these individual users can do within a system. Like the old identity and access management tools, the way these services work is through a complicated process of tagging and labeling individual users and user behaviors, and then creating a detailed security authentication for them. IAMaaS is even more applicable to companies that allow employees to use or bring their own devices for work. In many cases, the use of different devices requires tighter security to protect trade secrets and other confidential information.

One benefit of IAMaaS to the industry is that companies have the choice of creating a blanket system either for the entire architecture or for just one part. Some IT experts caution businesses that may only want to provide IAMaaS for cloud-related services, where the “legacy applications” in place do not have the same levels of control. These experts point out that, in some cases, leaving some of those areas relatively open can create major vulnerabilities.


Related Terms

Margaret Rouse

Margaret jest nagradzaną technical writerką, nauczycielką i wykładowczynią. Jest znana z tego, że potrafi w prostych słowach pzybliżyć złożone pojęcia techniczne słuchaczom ze świata biznesu. Od dwudziestu lat jej definicje pojęć z dziedziny IT są publikowane przez Que w encyklopedii terminów technologicznych, a także cytowane w artykułach ukazujących się w New York Times, w magazynie Time, USA Today, ZDNet, a także w magazynach PC i Discovery. Margaret dołączyła do zespołu Techopedii w roku 2011. Margaret lubi pomagać znaleźć wspólny język specjalistom ze świata biznesu i IT. W swojej pracy, jak sama mówi, buduje mosty między tymi dwiema domenami, w ten…