Identity Governance Glossary
Clear, practical definitions for all the terms in identity governance and access management. No jargon, no vendor talk, just what you need to know.
A
Access Review
An access review is the process of examining and validating users' current access to systems, applications, and data to ensure it is still appropriate. Access reviews help organizations maintain security, enforce least-privilege access, and satisfy compliance requirements.
Access Certification
Access certification is a formal governance process where designated reviewers (typically managers or application owners) verify that users' current access to systems and data is still appropriate. It is a key control for maintaining least-privilege access and meeting compliance requirements.
I
ISO 27001
ISO 27001 is an international standard for information security management systems (ISMS). It provides a framework for organizations to identify, manage, and reduce information security risks through a systematic set of policies, processes, and controls.
Identity Governance and Administration (IGA)
Identity Governance and Administration (IGA) is a framework of policies, processes, and technology that manages digital identities and controls who has access to what within an organization. It combines identity lifecycle management with access governance to make sure the right people have the right access at the right time.
Identity and Access Management (IAM)
Identity and Access Management (IAM) is the discipline of managing who can access which systems and what they can do within those systems. It covers everything from user authentication and authorization to directory services and access policies.
L
Lifecycle Management (ILM)
Lifecycle management (also called identity lifecycle management) is the process of managing user accounts and their access from the moment someone joins an organization through role changes and eventually to their departure. It covers creating accounts, assigning access, updating permissions when roles change, and revoking everything when someone leaves.
Least Privilege
The principle of least privilege states that users should only have the minimum level of access required to perform their job duties — nothing more. It is a foundational security concept that reduces risk by limiting the potential damage from compromised accounts, insider threats, and human error.
M
Multi-Factor Authentication (MFA)
Multi-factor authentication (MFA) is a security method that requires users to verify their identity using two or more different factors before they can access an account or application. It significantly reduces the risk of unauthorized access, even when passwords are compromised.
Microsoft Entra ID
Microsoft Entra ID (formerly Azure Active Directory) is Microsoft's cloud-based identity and access management service. It handles authentication, authorization, and user management for organizations using Microsoft 365, Azure, and thousands of third-party applications.
S
SOC 2
SOC 2 (System and Organization Controls 2) is an auditing framework developed by the American Institute of CPAs (AICPA) that evaluates how organizations manage customer data. It focuses on five trust service criteria: security, availability, processing integrity, confidentiality, and privacy.
Single Sign-On (SSO)
Single sign-on (SSO) is an authentication method that lets users log in once and then access multiple applications without entering their credentials again. It reduces password fatigue, improves security, and gives IT teams centralized control over application access.
Separation of Duties (SoD)
Separation of Duties (SoD) is a governance principle that prevents any single person from having enough access or authority to complete a high-risk process alone. By requiring multiple people to be involved in sensitive operations, SoD reduces the risk of fraud, errors, and abuse of privilege.
U
User Provisioning
User provisioning is the process of creating user accounts and granting the appropriate access to systems, applications, and resources when someone joins an organization or takes on a new role. It is the "give access" side of identity lifecycle management.
User Deprovisioning
User deprovisioning is the process of revoking a user's access to systems, applications, and data when they leave an organization or no longer need that access. It is the "remove access" side of identity lifecycle management, and it is critical for security and compliance.
Put these concepts into practice
Adcyma makes identity governance simple for companies that use Microsoft Entra ID.