IAM Glossary

IT access refers to the ability for a user to access an IT system and use its resources, such as files, data, networks, and IT services.

A user directory is a database or a centralized management system that groups and stores information about users of a specific network, organization, or service.

An IT audit is an evaluation of your information system, an assessment that leads to recommendations for improvement.

This is the process by which an entity verifies the identity of a user or system before granting them access.

Automation in IT refers to the use of software, scripts, and other tools to perform repetitive or complex tasks autonomously, without direct human intervention.

Authorization gives the user explicit permission to access a specific resource or function.

Customer Identity and Access Management is a subcategory of IAM aimed at managing a company's customers or end-users at the level of security and access to online services.

Customer Relationship Management (CRM) is a strategy that aims to effectively manage the relationships and interactions between a company and its customers.

The validation workflow is a process organizing and automating requests and validations, internal or external.

An orphan account is an access account that is not linked to a physical user.

Connectors are software interfaces that allow different applications or IT systems to communicate with each other.

This is a set of measures and policies put in place to regulate access to IT resources.

A cyberattack is a deliberate attempt to compromise the IT security of a system, network, or device by using malicious techniques.

The lifecycle of a user from an IT perspective involves the creation of accounts upon arrival, the modification of rights and access during internal transfers, the suspension of accounts during long absences, and the deletion of accounts upon the user's departure.

User account deprovisioning is an automated process of removing a user's access to a system or IT resources, either because they no longer need it or because they are leaving the company.

Identity federation is a system or protocol that allows an organization to offload authentication by entrusting it to a third-party organization.

IAM, Identity and Access Management, refers to the processes and tools used to manage a user's entitlements within an organization.

Access Management is the process of controlling user access rights to systems and IT resources, thereby ensuring the security and compliance of companies.

Entitlement management is about giving the right permissions to the right person.

Identity Management is a set of processes and technologies for centrally managing user credentials within an organization.

Privilege management refers to the process of controlling and managing access rights and privileges granted to a given identity.

IAM is a set of processes and tools that allow a company to manage the authorizations of its users on the various IT resources (software, hardware...).

Identification is the process by which a user is associated with a unique and distinctive set of credentials, such as their username, email address, or identification number.

A digital identity is a virtual representation of an entity (person, machine, or application) that allows it to be identified and authenticated within a computer system or network.

The principle of least privilege is a concept that aims to grant a user only the access rights that are essential for the execution of their tasks.

Multi-factor authentication (MFA) is an IT security method that requires the use of two or more different forms of authentication to verify a user's identity.

Offboarding consists of all the actions to prepare for a user's departure.

On-Premise, also known as "on-site," is a hosting model where data and software are stored on internal servers within the company.

We talk about onboarding when we want to manage the process of a new employee's arrival in a company.

PAM is a subcategory of IAM that aims to protect and supervise access to user accounts and privileges to enhance security and minimize risks associated with the use of privileged accounts.

User account provisioning is the automated process of creating, modifying, deactivating, or deleting user accounts in a system or application.

Role-Based Access Control (RBAC) allows controlling access to digital resources based on the roles of users within the organization.

The purpose of the IT account review is to ensure that all existing accounts in the IS are valid

The entitlement review focuses on the rights and access granted to each account.

Identity reconciliation is the process used to associate existing accounts with existing users.

A user repository allows you to list all the users of an entity.

HRIS is an acronym meaning Human Resources Information System. It generally refers to one or more software programs used to manage a company's employees.

SSO, or Single Sign-On, is a single authentication method that allows users to enter their password only once to connect to multiple applications.

SaaS or "Software as a Service" refers to a software distribution model that uses the cloud.

Information Technology (IT) services encompass all activities aimed at managing electronic data and information within an organization.

Shadow IT refers to the use of software, applications, or IT services outside the control or supervision of the company's IT team.

Segregation of Duties (SoD) is an essential IT security practice for adequately managing access rights and privileges.

A user in the "IAM" sense is a physical person who has a contractual relationship with the entity and for whom we must manage their authorizations or their access to the entity's various software applications.

A workflow designates the organized sequence of tasks, activities, or steps necessary to accomplish a specific process or activity within an organization.