Identity and access management
In cyber-security, identity and access management (alternatively known by its abbreviation, IAM, as well as identification and access management or, simply, identity management; more narrowly known as user management; hereinafter, IAM) is practice and a set of concepts based on that practice of granting each user of some system a right system-user role.
The goal of IAM can be stated as to "enable the right individuals to access the right resources at the right times, and for the right reasons" (as quoted in Wikipedia. IAM combines business processes, policies, and technologies.
User management
User management defines the ability for administrator(s) to manage user access to various IT resources like systems, devices, applications, storage systems, networks, SaaS services, and more. User management is a core part to any directory service and is a basic security essential for any organization. User management enables admins to control user access and on-board and off-board users to and from IT resources. Subsequently a directory service will then authenticate, authorize, and audit user access to IT resources based on what the IT admin had dictated.
Traditionally, standalone user management has been grounded with on-prem servers, databases, and closed virtual private networks (VPN). However, recent trends are seeing a shift towards cloud-based IAM, granting administrators greater control over digital assets.
