Identity and Access Management

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Course
Time
8 hours 25 minutes
Difficulty
Advanced
CEU/CPE
9
Video Transcription
00:00
>> The Identity and Access Management topic as a whole.
00:00
You know I don't like to read from slides,
00:00
but I'm just going to give you this
00:00
quote because it comes from
00:00
ISC square and I want us to consider that.
00:00
The role here is to focus on
00:00
harmonizing the provisioning of users
00:00
and managing access from
00:00
multiple systems with
00:00
different native access control systems.
00:00
That's a lot going on right
00:00
there so this idea of harmonizing,
00:00
having things work together,
00:00
orchestration and automation,
00:00
managing access from across multiple systems.
00:00
We're not just talking about local login and honestly,
00:00
we're not just talking about
00:00
logging in from a single domain.
00:00
We're talking about allowing credentials
00:00
to traverse domains regardless of what the platforms are.
00:00
Of course, that's going to require
00:00
some configuration and some setup,
00:00
and that's exactly what this domain is all about.
00:00
Like I said, we're going to focus
00:00
on identity management first.
00:00
When we say identity management,
00:00
what we're referring to is
00:00
creating an identity for our users.
00:00
That identity could be based on who they are.
00:00
I might have a Kelly H account,
00:00
could be based on my role within the organization.
00:00
I might have Trainer 1.
00:00
But the idea is this identity
00:00
is going to be tied to my login information,
00:00
my user account and I'm going to use
00:00
that to identify two resources throughout the network.
00:00
Now once I identify,
00:00
here's where the access management piece comes in.
00:00
Because then I have to authenticate,
00:00
which is prove I am who I say I am.
00:00
I have to authenticate,
00:00
which is who I am, proving it.
00:00
I am who I say I am,
00:00
then I get authorized and authorization is about being
00:00
granted rights and permissions
00:00
to perform certain actions on the network,
00:00
and then accounting or
00:00
auditing being the final stage here,
00:00
where I am able or we're
00:00
able to map actions to a specific user.
00:00
There are a lot of elements, as you can see,
00:00
the little diagram that goes into these pieces.
Up Next