Identity and Access Management as a Service

What Does Identity and Access Management as a Service Mean?

Identity and access management as a service (IDaaS or IAMaaS) refers to web-delivered services that create and control access levels for individual users. This is one of the many types of cloud services now offered by cloud vendors.


Techopedia Explains Identity and Access Management as a Service

Identity and access management as a service builds on the basic idea of software as a service (SaaS) that started in recent years, as vendors were able to effectively “stream” services over the Web rather than provide them as licensed software packages, such as in CDs and boxes.

Vendors started offering a wider range of cloud-delivered SaaS products, such as platform as a service (PaaS), communications as a service (CaaS) and infrastructure as a service (IaaS). Network virtualization and the abstraction of hardware into logical tools further accelerated this development.

In today’s complex environment, IAMaaS helps companies set up customized levels of security for an IT architecture, either as a whole or in parts. The essential idea is that a third-party service vendor sets up user identities and determines what these individual users can do within a system. Like the old identity and access management tools, the way these services work is through a complicated process of tagging and labeling individual users and user behaviors, and then creating a detailed security authentication for them. IAMaaS is even more applicable to companies that allow employees to use or bring their own devices for work. In many cases, the use of different devices requires tighter security to protect trade secrets and other confidential information.

One benefit of IAMaaS to the industry is that companies have the choice of creating a blanket system either for the entire architecture or for just one part. Some IT experts caution businesses that may only want to provide IAMaaS for cloud-related services, where the “legacy applications” in place do not have the same levels of control. These experts point out that, in some cases, leaving some of those areas relatively open can create major vulnerabilities.


Related Terms

Margaret Rouse

Margaret Rouse is an award-winning technical writer and teacher known for her ability to explain complex technical subjects to a non-technical, business audience. Over the past twenty years her explanations have appeared on TechTarget websites and she's been cited as an authority in articles by the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine and Discovery Magazine.Margaret's idea of a fun day is helping IT and business professionals learn to speak each other’s highly specialized languages. If you have a suggestion for a new definition or how to improve a technical explanation, please email Margaret or contact her…