Identity-as-a-service provides automated provisioning, self-service, sophisticated identity and access management (IAM), and more in addition to SSO, adaptive multifactor authentication (MFA), and enterprise security.
IDaaS often includes SSO, as is the case with HelloID; SSO does not usually include many of the other IDaaS functionalities.
IAM is the umbrella term for the structures and processes within an organization that administer and manage users’ access to resources, often through automations (e.g., provisioning). These processes leverage your organization’s identity data, such as the information stored in your HR system. Predominantly for IT resources, these management processes mostly deal with user accounts, network access rights, privileges, and (AD) group memberships.
SSO solutions streamline user authentication, requiring only one set of credentials for access to IT systems, applications, services, and other IT resources.
When a user logs in, the SSO solution acts as an “Identity Provider” (IdP). After logging into the SSO portal, the user’s identity is provided to the connected resources without requiring any additional logins. The user’s identity is communicated via SSO protocols, such as SAML, OAuth, or OpenID Connect.
While this may sound complicated and pretty technical, the end user simply sees a dashboard of their accessible resources after logging into the SSO portal. HelloID currently offers over 750 “plug-and-play” connectors for all types of systems, applications, services, and other IT resources.
For more information on individual connectors, including functionalities and SSO protocols, please refer to our continually expanding list:
Multifactor authentication (MFA) is an account security process requiring two or more separate steps for a user to prove their identity. It most commonly refers to logging into a computer, network, application, or other resource.
To complete a Multifactor Authentication process, you must provide specific credentials or meet certain conditions at each stage. While “two-factor authentication” remains a popular term, MFA has increasingly become the umbrella term.
User account provisioning is an identity management process that ensures user accounts are created, given proper permissions, and updated as needed. When automated, these actions are triggered by new or updated information detected in a “source system” (e.g., HR system).
New hires, promotions, transfers, and departures are examples of events that can trigger identity management processes.
Role-based access control (RBAC) is the identity management method of preconfiguring structured user access according to each position’s job function and responsibilities (e.g., department, position, location, and other potential factors). The collection of an entire organization’s role-based access controls for each position is referred to as an “authorization matrix”. RBAC is one of the major methods for implementing and enforcing Access Governance.