At its simplest, IAM is the process of managing who has access to what systems and data over time. It consists of the strategy and rules for protecting your bank against unauthorized access to your bank, customer, and employee data.
Making information secure isn’t that hard if that’s your only goal. But systems and information don’t exist to be locked down. They exist to be used. Their value depends on how well they enable authorized users to access them seamlessly, swiftly, from different devices, different locations, and with the precise access permissions each user is entitled to. That is the other face of IAM – enabling.
It is increasingly apparent that yesterday’s mechanisms are far short of what the new environment requires.