From the course: Introduction to Identity and Access Management

Better together: Identity providers and identity governance

- As we have discussed, authentication is validating a user's identity. Authorization is giving that user permission to access a resource. Authentication and authorization have to work well together to ensure the best results for access management. An identity provider is a provider that will execute authentication for your controls. Identity governance is the mechanism to execute authorization to your systems. Let's discuss each one in turn.

You may ask, what exactly is an identity provider and why would I need one for my business? In the simplest terms, an identity provider is a service that authenticates your users and ensures they are who they say they are. Knowing your users are verified increases security for your organization, which is definitely a benefit. Think of an identity provider like a broker, someone who negotiates with the user on your behalf. An identity provider or IDP executes many tasks on your behalf as the trusted source of user authentication. An IDP can create, store and manage all the identities you may use for your organization.

The process of authentication is straightforward. First, a user requests access. In most cases, users do this by entering their username and password into a form. The identity provider checks the records to see if the user is valid and has provided proper credentials and then sends a token back to the user that they can use to confirm they have proven themselves.

Next is identity governance. Identity governance is the process that allows organizations to manage access to their resources in a centralized place. This process is usually enabled by an identity governance administration or IGA technology solution. Once authentication has taken place, you need to leverage identity governance in order to provide the right access to your user. The identity governance process confirms authentication has taken place by checking the user's token. That's how the identity provider and identity governance work together. The identity governance solution then gives the verified user access to the right resources.

Let's look at an example. Let's say Luke owns two houses and needs to check his electric bill. When Luke goes to the utility website, he enters his username and password. The identity provider validates Luke is who he says he is and gives him a token. The identity governance tool confirms the token then goes to the electric company's records and sees that he has two houses. It then renders the information for both of his houses. But it doesn't give him any information on his neighbor's house. He only gets access to the accounts that are valid for him.

It is very important that your organization only allow users entry into your ecosystem who should have access to your resources. Using an identity provider to validate their identity via authentication and then leveraging an identity governance system is an effective method for managing your users. If you'd like to learn more, you can check out specific vendors by searching for identity providers and identity governance, respectively.
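The flow described above, using Luke's two houses, as an added example that is not part of the original course: a minimal identity provider issues an HMAC-signed, expiring token, and the governance side verifies that token before returning only the accounts tied to the verified user. The signing key, password, token format and account names are constructed for illustration; production systems use standard token protocols and managed keys.

```python
import base64, hashlib, hmac, json, time

IDP_KEY = b"constructed-demo-signing-key"   # constructed; stands in for the IdP's signing key
SALT = b"constructed-salt"                  # constructed; real stores use a per-user salt

def _pw_hash(password):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, 100_000)

USERS = {"luke": _pw_hash("luke-demo-password")}    # IdP identity store (constructed)
ACCOUNTS = {"house-1": "luke", "house-2": "luke",   # utility records (constructed)
            "house-3": "neighbor"}

def _sign(body):
    return base64.urlsafe_b64encode(hmac.new(IDP_KEY, body, hashlib.sha256).digest())

def idp_authenticate(username, password, now=None, ttl=300):
    """Identity provider: check credentials, return a signed expiring token or None."""
    stored = USERS.get(username, b"")       # unknown users still pay the hashing cost
    if not hmac.compare_digest(stored, _pw_hash(password)):
        return None
    now = time.time() if now is None else now
    claims = json.dumps({"sub": username, "exp": now + ttl}).encode()
    body = base64.urlsafe_b64encode(claims)
    return (body + b"." + _sign(body)).decode()

def verify_token(token, now=None):
    """Governance side: confirm the token was issued by the IdP and is not expired."""
    try:
        body, sig = token.encode().split(b".")
        if not hmac.compare_digest(sig, _sign(body)):
            return None                     # signature mismatch: forged or altered
        claims = json.loads(base64.urlsafe_b64decode(body))
    except (ValueError, AttributeError):
        return None                         # malformed token
    now = time.time() if now is None else now
    return claims["sub"] if claims.get("exp", 0) > now else None

def accounts_for(token, now=None):
    """Authorization: return only the accounts the verified user is entitled to."""
    user = verify_token(token, now)
    if user is None:
        raise PermissionError("invalid or expired token")
    return sorted(a for a, owner in ACCOUNTS.items() if owner == user)
```

The authorization decision is driven by the subject inside the verified token, never by a username the client supplies alongside it, so altering the token's claims invalidates the signature and access is refused.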
