Author: Surya
IAM Blog Series – Part 5: Identity and Access Provisioning Lifecycle.
Identity Access Provisioning Lifecycle: IAM Part 5 Guide This guide on identity access provisioning lifecycle IAM (Part 5) covers the complete lifecycle of identity provisioning: account creation, role assignment, access reviews, deprovisioning, and off-boarding. Proper lifecycle management prevents privilege creep and unauthorized access. For related content, see our IAM Part 6: Internet AuthN/AuthZ and CISSP… Read More →
Domain 1: Security Risk & Governance
CISSP Domain 1 Security Risk and Governance: Overview Guide This overview of CISSP Domain 1 security risk management and governance introduces the foundational concepts of information security risk and governance frameworks. Domain 1 covers risk management, security governance, compliance frameworks, legal issues, and business continuity planning. For more detailed content, see our Security Risk Management… Read More →
IAM Blog Series – Part 4: Authorization Mechanisms
Authorization Mechanisms: DAC, RBAC, ABAC, MAC Explained for IAM This guide on authorization mechanisms DAC RBAC ABAC MAC (IAM Part 4) explains the four primary access control models: Discretionary Access Control (DAC), Role-Based Access Control (RBAC), Attribute-Based Access Control (ABAC), and Mandatory Access Control (MAC). Understanding these authorization mechanisms is essential for both IAM professionals… Read More →
IAM Blog Series, Part 3: Authentication Factors
Authentication Factors and MFA: IAM Part 3 Complete Guide This guide on authentication factors MFA IAM (Part 3) explains all authentication methods: something you know (passwords), something you have (tokens/smart cards), something you are (biometrics), and multi-factor authentication (MFA) combinations. Strong authentication is the first line of defense in identity security. For related content, see… Read More →
IAM Blog Series, Part 2: Identification & Authentication Strategy
Identification Authentication Strategy IAM: 2-Step Process This guide explains the identification authentication strategy IAM practitioners use: identification (claiming an identity), authentication (verifying it), and how these two steps form the foundation of access control. For related content, see our Authentication Factors MFA Guide and CISSP Domain 5: IAM Guide. External references: NIST SP 800-63 Identity… Read More →
IAM Blog Series, Part 1:The First Step in Controlling Access
Identity Access Management Fundamentals: IAM Part 1 Introduction This guide introduces identity access management IAM fundamentals (Part 1): what IAM is, why it matters for cybersecurity, the core IAM program components, and how IAM forms the foundation of zero-trust security. For related content, see our IAM Part 2: Authentication Strategy and CISSP Domain 5: IAM… Read More →