IAM Documentation
Jump to navigation
Jump to search
Identity and Access Management (IAM)
A framework of policies, processes, and technologies that ensures the right individuals (or systems) have the appropriate access to the right resources at the right time—and for the right reasons.
It covers two main areas:
Identity Management (Who you are)
- Creating, maintaining, and deactivating user identities (accounts, profiles, credentials).
- Verifying and authenticating identities (e.g., passwords, biometrics, MFA).
- Synchronizing identities across systems.
Access Management (What you can do)
- Controlling and enforcing permissions to applications, systems, and data.
- Applying principles like least privilege and role-based access control (RBAC).
- Enabling secure login methods (single sign-on, federated access, conditional access).
Why it matters
IAM helps Carleton protect sensitive data, maintain compliance with regulations, reduce security risks, and improve user experience by streamlining authentication and authorization.