Identity management is a discipline which encompasses all of the tasks required to create, manage, and delete user identities in a computing environment.

Identity Management is often abbreviated IdM.

Identity Management Tasks During Account Provisioning

Identity management begins with the creation of the user account and the assignment of appropriate attributes to the account.

The user account is then provisioned into all of the systems to which that user is to be given access.

Identity Management Tasks During the Account Lifetime

Identity management tasks during the lifetime of the user account include:

  • Adding or removing access to specific systems
  • Password resets for lost passwords
  • Enforcing periodic password changes to increase network security

Identity Management Tasks During Account Deletion

When a user leaves an organization, her access must be revoked from every system in the environment.

In addition, any objects (files, databases, database tables, etc.) owned by that user must have their ownership assigned to an appropriate replacement user.
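
The deletion tasks above, sketched as an added example (not code from the original page): revoke the departing user on every system, reassign owned objects, then verify that nothing is still tied to the old identity. The `System` model, the function names and the sample inventory are all assumptions made for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class System:
    name: str
    accounts: dict = field(default_factory=dict)  # username -> enabled (bool)
    owners: dict = field(default_factory=dict)    # object name -> owning username

def offboard(user, replacement, systems):
    """Revoke `user` on every system and hand owned objects to `replacement`.
    Returns a report of each action, suitable for an audit trail."""
    report = {"revoked": [], "reassigned": [], "errors": []}
    for s in systems:
        owned = sorted(o for o, u in s.owners.items() if u == user)
        if owned and not s.accounts.get(replacement, False):
            # Do not hand objects to a missing or disabled account.
            report["errors"].append((s.name, "no active replacement account"))
        else:
            for obj in owned:
                s.owners[obj] = replacement
                report["reassigned"].append((s.name, obj))
        if user in s.accounts:
            del s.accounts[user]  # access is revoked even if reassignment failed
            report["revoked"].append(s.name)
    return report

def residual(user, systems):
    """Verification pass: everything still tied to `user` after offboarding."""
    left = []
    for s in systems:
        if user in s.accounts:
            left.append((s.name, "account"))
        left += [(s.name, o) for o, u in sorted(s.owners.items()) if u == user]
    return left

def sample_inventory():
    # Constructed inventory; system, user and object names are made up.
    return [
        System("directory", {"alice": True, "bob": True}),
        System("fileserver", {"alice": True, "bob": True},
               {"/srv/reports/q1.xlsx": "alice", "/srv/tools/run.sh": "bob"}),
        System("database", {"alice": True}, {"sales.orders": "alice"}),
    ]

if __name__ == "__main__":
    inv = sample_inventory()
    print(offboard("alice", "bob", inv))
    print("still tied to alice:", residual("alice", inv))
```

In the sample run the database table stays owned by the removed account because the replacement user has no account on that system, which is the kind of orphaned object the verification pass is there to surface.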