Using a central identity store with Active Directory
One of the most used identity stores still is Active Directory. Before we get into Active Directory (AD) itself, it's important to understand that it should definitively not be confused with Azure Active Directory. The latter is an authentication service in Azure, whereas Active Directory really is a directory.
Understanding AD is not easy, but basic knowledge is necessary when talking about IAM. An enterprise should only have one central directory. Identities should only be kept in one place. That also comes with a risk: if the directory gets breached, an attacker will have access to all identities that exist within the enterprise. It's crucial that the directory and the IAM system is very secure and that directory data is extremely well protected. This is an area where tools such as Saviynt and CyberArk come in: they add an extra security layer on top of IAM.
Both Saviynt and CyberArk offer solutions that are deployed on...