Identity-related fraud is one of world’s fastest growing problems, posing significant commercial, operational and administrative risks to both public and private sector organisations alike. Identity management covers all the processes used to create and manage information system user accounts and access rights.
An effective security infrastructure requires a scalable and manageable authentication system to ensure that only authorised users and applications have access to mission critical resources and data. In the traditional information system world, where networks were private by default, users simply had to identify themselves with a user name and password. Only as systems expanded and the field of computer science grew into the internet in the early 1990s did the role of the ‘public’ or ‘general user’ develop.
As a result, identity management has evolved from a centrally controlled user ID process managed by a "gatekeeper" into a system of user driven self-service. Users are now responsible for password resetting and management, removing a central function of system maintenance away from the technical staff and placing it in the hands of the user community. To address this shift in process, complex workflows surrounding the management of user access, approvals and account management has been developed.
Two-Factor Authentication (TFA or 2FA)
The use of two different means of identification to assert one entity's identity to another.
Network Access Control
Where conventional IP networks enforce access policies in terms of IP addresses, NAC environments attempt to do so based on authenticated user identities, at least for user end-stations such as laptops and desktop computers.
Public Key Infrastructure (PKI)
Set of hardware, software, policies and procedures to build, manage, distribute, use, store and revoke digital certificates associated to users or systems.