Identity Management (IdM) is the set of business processes—and the supporting technology infrastructure service components—that create, maintain, and use digital identities within legal and policy contexts. The IdM infrastructure is pervasive throughout the organization, supporting both centralized and decentralized administration. Identity management architectures typically need to integrate core components such as user provisioning, logical and physical access management, identity lifecycle management, directory services, identity data content integration technologies, role management, federation, public key infrastructure and identity audit. (Burton Group, 2008)
Identity Access Management (IAM) refers to those technologies that allow organizations to manage and control user accounts and privileges and to enforce real-time access to resources. (Gartner Group, 2006)
Increasingly, organizations are taking a holistic approach to IdM and IAM and market drivers are causing a convergence between logical systems and networks and physical access systems. Benefits to the organization include improved security and risk posture; sustainable compliance with government regulations; standardization and optimization of business processes, policies and procedures; reduction in time and cost to address both physical and logical security incidents; improved protection of sensitive data; and, improved management visibility through centralized collection, normalization and correlation of both logical and physical security information and events.
A coordinated, strategic and unified approach to IdM and IAM for Colorado's state government will provide the following benefits to the State and its citizenry: