Digital Identity

The Importance of Identity and Access Management (IAM)

In this modern world of digitization, every company needs a proper solution to manage all their digital identities. There are more identities than you might think:

• Employees identities
• Customers identities
• Organizations identities
• Devices identities
• Applications and services identities

All these identities have different entitlements, such as access to services and systems, and different legal regulations (e.g.: PSD2, Open Banking & GDPR) attached to them too. But how about security, and privacy? And how can you use and leverage identity and context to enable ‘Zero Trust’ in places where your organization needs it the most?

Booleans is here to help you. Our company’s sole focus is managing your identities and security posture, while always starting with the customer journey to maximize customer convenience.

To better understand Booleans’ value, let us quickly break down some core concepts and terms.

Explanation IAM Terms

• An Identity is who you are. You can prove who you are (which is called authentication) by providing something you know (password, pin), something you have (such as your phone, via SMS) or something you are (biometrics, such as fingerprint or face recognition)
• An account is a technical representation of an identity in a certain system. An identity can have multiple accounts within an organization (e.g.: Active Directory account, Google account, Salesforce account,…)
• Multi-Factor Authentication (MFA) is when more than one authentication category is being asked for, for example a password and face recognition
• Access Management (AM) is when your Identity is used to determine what type of access you have to applications or systems. The access you have is called Authorization
• Single Sign On (SSO) happens when you login only once and then, for the eyes of the user, automatically have access to multiple systems
• Role Based Access Control (RBAC) is a way to manage access to applications or systems by grouping the correct access rights into roles, like Administrator or Financial Analyst for example
• Attribute Based Access Control (ABAC) is also a way to manage access rights, but by using attributes There are many potential attributes, such as user security clearance, or data sensitivity, or certain office hours that can be used in ABAC
• Relationship Based Access Control (REBAC) is an access control strategy, based on the relationships you have as an identity. Think about for instance households, classmates or caretakers
• Federation is used to establish a link between third party identity or service providers. Within the Federation it is all about sharing identity information and delegate access to third party applications. Consent of the end-user is covered by those standards as well. Federation can enable business strategies and connect organizations in this increasingly connected world
• With ‘Open Standards’ we mean standards, used for connecting applications and Identity Providers. Some standards commonly used here are OIDC (OpenID Connect), SAML2 & OAuth2.