Identity at the Center Identity At The Center #31 - Confusing and Misleading IAM Terms
Feb 17, 2020
Join Jim and Jeff as they untangle the often confusing terminology in the world of identity and access management. They delve into the distinctions between internal and external applications, and debate how hybrid tools like Microsoft Teams fit into these categories. Discover the nuances of role definitions in IAM, privileged access, and the differences between single sign-on and simplified sign-on. The discussion also touches on multi-factor authentication and the various meanings of mobile device management, ensuring clarity in this complex field.
AI Snips
Chapters
Transcript
Episode notes
Define Internal vs External Up Front
- "Internal" vs "external" depends on perspective: user population or who manages the app.
- Define and agree your organization's meaning and move on to avoid wasted debate.
Get Stakeholder Alignment Fast
- Agree a working definition with stakeholders rather than chasing universal semantics.
- Use that shared definition to drive IAM decisions and avoid endless semantic debates.
Roles Are Contextual Constructs
- "Roles" means different things across vendors, apps, and business contexts.
- Be flexible and map application constructs (roles, groups, entitlements) to your IAM and business role models.