How identities are created, verified, controlled, audited, and retired

The IAM Mindset

IAM answers one question:

“Who are you, how do you prove it, and what are you allowed to touch?”

Everything in this domain revolves around those three components:

1. Authentication — proving identity
2. Authorization — granting permissions
3. Accounting (Auditing) — tracking actions

Your seniors need to see how the entire ecosystem fits together.

1. Authentication — Proving You Are Who You Claim to Be

Authentication = identity verification.

Authentication Factors (Know These Cold)

Something you know → passwords, PINs

Something you have → token, smartphone, smart card

Something you are → fingerprint, face

Somewhere you are → GPS location

Something you do → typing rhythm, behavior

Multi-factor authentication (MFA) combines two or more.

Why MFA Works