Unified access management

Unified access management (UAM) refers to an identity management solution that is used by enterprises to manage digital identities and provide secure access to users across multiple devices and applications, both cloud and on-premise. Unified access management solutions provide a single platform from which IT can manage access across a diverse set of users, devices, and applications, whether on-premise or in the cloud.[1]

Unified access management (UAM) is an evolution of identity and access management (IAM) systems. The goal of unified access management is similar to that of identity and access management: manage the identities of individual entities (people, devices, and so on) and their authentication and authorization (roles and privileges) within and across enterprise systems in a secure manner that bolsters productivity.[2]

Identity and access management

edit

Traditional identity and access management tools work well in addressing specific portions of the enterprise (specific app environments, as in on-premises or cloud; or for specific users, as in employees vs. external partners) on their own.[3] However, many businesses must harness multiple IAM solutions. For example, they may use Microsoft Active Directory and a Web access management tool to manage access to on-premise applications, but require Identity-as-a-Service (IDaaS) solutions to manage access for cloud Software as a Service (SaaS) apps.

Managing multiple identities and access management systems is a burden for Information Technology (IT) departments. It adds to cost by requiring maintenance of multiple solutions and often requires that users are provisioned and de-provisioned in multiple systems. This is because a given IAM system may only manage access from specific devices and for specific systems.[4]

With fragmented identity management, the enterprise may not be able to provide true single sign on, multi-factor authentication, or effective user lifecycle management, slowing down digital transformation. This has a significant, financial impact.

Forrester found a $4.47 million annual loss of productivity due to poor access management per every 10,000 employees.[5] Hybrid IT environments complicate access management, but many organizations are not able to dispense with on-premises systems. For example, in 2018 47% of IT decision makers surveyed reported that the majority of their organization’s custom applications still run on-premises.[6]

The extensive cost of moving legacy systems means organizations are likely to remain hybrid for some time.

Unified access management versus identity access management

edit

UAM differs from IAM by providing an umbrella solution. A central, cloud directory is the single source of truth for identities and access. The cloud directory integrates with on-premise identity providers or cloud identity providers. It requests information from the identity providers and updates them, so that IT can do all user lifecycle management work in one place (the cloud directory) and let the UAM update appropriate identity providers.

UAM provides other functionality needed to secure access across users and devices. Typically, this includes:

References

edit
  1. ^ Wodecki, Natalia (11 April 2018). "What is Unified Access Management?". OneLogin. Retrieved 12 December 2018.
  2. ^ Nickel, Jochen (2016-09-30). Mastering Identity and Access Management with Microsoft Azure. Packt Publishing Ltd. ISBN 978-1-78588-788-8.
  3. ^ Wu, Liangshun; Cai, H. J.; Li, Han (2021). "SGX-UAM: A Secure Unified Access Management Scheme With One Time Passwords via Intel SGX". IEEE Access. 9: 38029–38042. doi:10.1109/ACCESS.2021.3063770. ISSN 2169-3536.
  4. ^ "The Unified Access Management Playing Field". OneLogin. Retrieved 12 December 2018.
  5. ^ "Cost Savings And Business Benefits Attributed To Cloud-Based IAM Solution". OneLogin. Retrieved 12 December 2018.
  6. ^ "IT Modernization:Critical to Digital Transformation" (PDF). OneLogin. Retrieved 12 December 2018.