Running head: IDENTITY AND ACCESS MANAGEMENT
Identity and Access Management
Name of the Student
Name of the University
Author Note
� IDENTITY AND ACCESS MANAGEMENT 1
Abstract
The report reveals the advantages of Identity and Access Management. It helps in serving
security to any organisation. Therefore IAM should be incorporated in the organisation where
proper security is required. This report consists of the requisition of IAM in Healthscope,
importance of IAM and it includes IAM.
� IDENTITY AND ACCESS MANAGEMENT 2
Introduction
Identity and Access Management is mainly considered as the skeleton for the progression
of business that facilitates the management of the organisation, of having the electronic
identities. This framework supports in implementing the necessity of the technology in
sustaining the identity management.
IAM is defined as the management of the identity of an individual; it also helps in
checking the authentication, authorisation in categorizing for the access of the resources as well
as their privileges. It aids in implementing the good governance within the organisation. IAM’s
goal ensures that every resources are been accessed in secure way where the users have the
access for resources which are mainly required by them in order to maintaining the productivity
(Beach, 2014).
Requirement of IAM
IAM implements the management of the account, calculating the federated access, sign
on singly as well as with the self service. It also deals with the involvement in the application,
excellent authentication and provisioning the services of the organizations. It also deals with the
adjusting the access to the resources of the users, if the particular user is unauthorised.
Healthscope does not allow the funding for the projects of IAM as it is not directly associated
with the increment of the profit of the organisation. The consideration of administrative office of
Healthscope is mainly required for managing the access as well as in the maintenance of the flow
of data of the particular organisation. The technologies like BYOD, mobile apps and cloud
computing have being introduced in the issues like theft of the identity that is considered as one
of the major problem for any particular organisation (Habiba et al., 2014). Demands like
approaching to another worker for opposing for a particular case that may prompt as a gathering
of any benefits that are being termed as privilege creep. Privilege slink makes security as a
chance in two assorted ways. A representative with benefits past what is justified may get to
applications and information in an unapproved and feasibly hazardous way. Moreover, if an
impostor accesses the record of any particular client with any unnecessary benefits, he may have
the capacity for the accomplishment of more damage naturally. Identity of the particular theft
may take place from these entire circumstances.
� IDENTITY AND ACCESS MANAGEMENT 3
Importance of IAM
IAM is very much essential as well as important for providing the required support to the
security framework of an organisation. The security threats are one of the alarming factors in the
context of Information Technology implementation within Healthscope. IAM helps in restricting
the data breaching as it regulates the identity problem. Data breaching is considered to be an
issue of IAM and most of the company does not recognise this fact (Islam et al., 2015). IAM
plays significant role in reducing the problem of data theft as it is directly been linked with
the permit of authorisation and it provides the access to the authorised user only. Threats
regarding the security and identity theft mainly arise within the organisation only. When the
things are on the security purpose of the healthcare and conducting the business Healthscope
may face the threats from their employees for data theft if they are having weak IAM (Xiong et
al., 2014). Therefore IAM plays an integral role in keeping the data safe and provide the access
of the data to the authorised user only.
IAM system includes
The system of IAM includes the automatic initiation, recording as well as managing the
identities The framework incorporates the service of centralised directory which safeguards the
credentials so that the record in the files are not done haphazardly. This framework helps the user
to set up their accounts and the system of access management helps the administrator’s to alter
the access right if there is case of identity theft (Fermantle, 2016).
Recommendation
Developing a wide ranging policy for Identification and better access management:
Development of an all-inclusive IAM policy is a must. Because requirements of IAM
changes in internal as well as external way, Penn State needs to retort by the means of
amendments and updates to its IAM policy, principles and processes.
Categorizing the data on the basis of its security
Measuring the negative impact of the accessing the unauthorized for the given category
of data on the basis on the various factors for instance financial, operations, reputations,
personal safety and the obligations of the compliance of the legal matters.
� IDENTITY AND ACCESS MANAGEMENT 4
Mapping the potentiality for impacting the level of the assurance that is required for
protecting the data
Using the level of the assurance that is required for selecting the technology that is
appropriate for the e-authentication as recommended by the National Institute for
Standards and Technology for 800-63 document or using of the methodology that is
similar for accessing the risk for the specific method of E-authentication
Employing the electronic and the physical control for supporting the assessment for the
process in risk
Conclusion
On checking the rate of the growth in the field of banking, insurance, healthcare and the
sectors for the manufacturing where the identification of the infrastructure and scattering the
identification for the silos that is present in the difficulties in preparing the single profile that is
completed. The ability for the combination of the identity and the integration of the data together
in creating the profile that is considered for the completion of the profile in allowance the
enterprising for delivering a better that is considered to be more secured experience digitally.
Healthcare is considered to be one of the vast example of the today’s large enterprise as a
challenge. The conversing nature of the healthcare industry created difficulty in providing the
access for providing the security for the critical applications, whether it is in enterprise or in the
cloud or it is in the web. On the basis of the consolidations, acquisitions and the mergers
becomes the fresh and the new normal in the sector of the healthcare organizations that mainly
faces the diversity in the infrastructures in IT, it can be the solution that identity across the
systems locally, initiatives globally as necessary. In such complex situations, environments are
hybrid in nature, regulatory compliance is considered to be critical in natures that are identifies
carefully for the management.
� IDENTITY AND ACCESS MANAGEMENT 5
Reference List
Beach, B. (2014). Identity and Access Management. In Pro Powershell for Amazon Web
Services (pp. 193-214). Apress.
Fremantle, P. (2016). Federated Identity and Access Management in IoT systems. Engineering
Secure Internet of Things Systems, 131.
Habiba, U., Masood, R., Shibli, M. A., & Niazi, M. A. (2014). Cloud identity management
security issues & solutions: a taxonomy. Complex Adaptive Systems Modeling, 2(1), 5.
Islam, S. R., Kwak, D., Kabir, M. H., Hossain, M., & Kwak, K. S. (2015). The internet of things
for health care: a comprehensive survey. IEEE Access, 3, 678-708.
Xiong, J., Yao, Z., Ma, J., Liu, X., Li, Q., & Ma, J. (2014). PRIAM: Privacy Preserving Identity
and Access Management Scheme in Cloud. TIIS, 8(1), 282-304.
