(also AM, access control)
Access management definition
Access management is the branch of cybersecurity dealing with software, hardware, and policies that control user access to computer systems. Access management tools determine what permissions the user has and grant access to the appropriate resources on the network.
In the past, access management tools focused on protecting specified devices on internal on-site networks (called intranets). The rise of personal mobile devices and the growing popularity of remote work have prompted the creation of cloud-based access management solutions.
Real examples of access management
- Single sign-on (SSO): Single sign-on solutions let employees access their organization’s resources with a single set of credentials. SSO systems can cover nearly every aspect of the organization’s workflow — from remote app access to the office’s Wi-Fi connection.
- Privileged access management (PAM): PAM tools control access to sensitive or high-privileged systems, such as administrator accounts or servers.
- Attribute-based access control (ABAC): ABAC systems determine whether any given user should be granted access based on an established set of attributes. These attributes can relate to the user (such as their role, job function, and security clearance), the resource being accessed (such as sensitivity level, classification, and data type), or the access conditions (such as the time of day, location, and network security status).