Identity and Access Management (IAM) is the practice of verifying the identity of a user, device, machine, or other endpoint as it tries to access a network or an application, in addition to the granting least privileged access to those same items once they are inside the network or application.
Importance of IAM
IAM is a core part of the Zero-Trust framework, which means it should be standard for any MSP's managed stack. Devices and endpoints come and go, but IAM is the connective tissue that ties together how everything is accessed securely.
Forms of IAM
Multi-factor Authentication (MFA)
The process requires the user validate their identity by proving they have a second factor only they know or possess to login. This is accomplished typically by entering a 6-digit code, approving a push notification on a mobile device, or some other form of key fob.
Single Sign On (SSO)
SSO is the same thing as MFA, but it prevents you from having to enter in a code or approve a push notification every time you attempt to login. Once in a secure browser session after verifying your identity, you can access all systems and applications that are integrated with Evo.
Privileged Access Management (PAM)
PAM is how you can control what admins can do inside of Evo and what end users can access. For example, perhaps you want some Admins to access only Users and Keys, but others can Access everything. On the end user side, perhaps you only want certain users to access (login to) certain applications and not others.
This is just a high-level overview, so please contact us with any questions.