Cybersecurity Basics: Authentication and Authorization

What is identity and access management?

Identity and access management (IAM) ensures the right people in the right job roles can access the tools, systems, and services absolutely necessary to do their jobs. It is part of the foundation of a strong zero trust approach that answers two fundamental questions you should be asking about every solution you build: who is that, and what have we allowed them to do?

The “Who”

Determining who you are is called “authentication.”

This is a process that we encounter all the time. Every time we log in, we’re authenticating to a system.

Usually, we do this with a unique username and password. To provide additional security and assurances, multi-factor authentication is highly recommended.

Multi-factor (or two-factor) authentication is when, in addition to a username and password, the user must provide another way of identifying themselves. Often this is a one-time code generated by a smartphone app or sent via text message.

The security concept behind this approach is simple. Now to get into an account you must:

Know the username

Know the password

Have access to the device with the one-time code at the same time

Honestly, the username is typically public knowledge. It’s often

