Idaas

IDaaS (Identity as a Service)

Identity as a Service is identity and access management provided as a cloud service Identity as a Service is identity and access management provided as a cloud service. From a functional point of view, it covers – Identity governance and management (with the repository/ directory of users and the ability to deploy (“provisioning”) accounts and authorizations in the information system (particularly in the company directory) ; – Access management and the different forms of authentication (simple, multi-factor, federative, etc.) for… Read More >>

IGA

Identity Governance and Administration (IGA)

The management of users’ identities and their authorizations IGA concerns the management of users’ identities and their authorizations (their rights in the information system applications), and the fact that these authorizations are, at all times, deployed in the applications in accordance with the current business situation. For example, an employee who has left the company should no longer have rights to the applications he or she was using. Identity governance and management is the convergence of two technology segments: identity… Read More >>

sso

Single Sign-On (SSO)

Single Sign-On authentication Single sign-on allows the user to be automatically authenticated by multiple applications, resources or websites with a single authentication. When the user connects to one of these resources, the authentication step having already been validated, the system gives the user direct access. The interest is in particular to free the user from the management of his multiple passwords, and to apply much more robust security policies (increased password complexity level, regular password rotation). Within a corporate network… Read More >>

IAM

Identity and Access Management (IAM)

A set of processes that manage a user’s identity on the network. Identity and Access Management (IAM) is the set of processes that manage a user’s identity on the network. It includes the following different segments: access management (AM), authentication, privilege account management (PAM), identity administration and governance (IGA). It is generally misused to refer to IGA. The functional scope of IAM is very broad. It will include functionalities allowing – to authenticate a user on the network (primary authentication),… Read More >>

Authentication

Authentication

Primary or secondary authentication Authentication allows a user to guarantee his or her identity before accessing a resource or service. Primary authentication will give user access to the workstation (Windows login). Several authentication modes can be made available to users: login and password, smart or contactless cards, biometrics, mobile … To classify an authentication mode it will be enough to rely on the principles of the 3 factors: “What do I have? “, ” What do I know? “, ”… Read More >>

Workplace Experience

Workplace Experience

Overall experience of an employee within an organisation. Workplace experience is an approach that focuses on the employee, the technology he or she uses and the culture of the company in which he or she works, in order to improve working conditions. The digital ecosystem, with its innovative and constantly evolving web tools and applications, has a major impact on the workplace experience. In particular, it allows, within an organization, better flexibility and communication between employees, including teleworkers. For management,… Read More >>

Virtualization

Virtualization (VDI)

An access window to a remote desktop or applications. The virtualization of desktops or applications consists of displaying applications or a desktop on the user’s computer, which are installed or run on a group of machines remote and independent of the user’s computer. The user’s workstation is thus transformed into a simple access window. This group of machines (virtual or not) can be located in an internal corporate network or in the cloud. In the case of application virtualization, the… Read More >>

ZTNA

ZTNA

Zero Trust Network Access. The ZTNA is a name describing products that apply a “Zero Trust”, or lesser privilege, policy in the area of external access. The objective is to provide strictly indispensable access to an external user so that he can carry out the necessary tasks within the framework of his work without giving him superfluous rights or access that could represent a risk for the security of the information system. Access policies are defined according to : the… Read More >>

ANSSI

ANSSI

Agence Nationale de la Sécurité des Systèmes d’Information. The National Cybersecurity Agency of France (ANSSI) is a French government organisation reporting to the Secretary General for Defence and National Security (SGDSN), who is responsible for advising the Prime Minister in the exercise of his functions in the field of defence and national security. ANSSI is responsible for cybersecurity issues in France. The ANSSI provides its expertise and technical skills to organisations (administrations or companies) with a reinforced mission to the… Read More >>

CSPN

CSPN

Certification de Sécurité de Premier Niveau. The First Level Security Certification (CSPN), awarded by the ANSSI (French National Agency for the Security of Information Systems) aims to certify the robustness of a technological product, based on a conformity analysis and intrusion tests carried out by a CESTI (Centre d’Evaluation de Sécurité des Technologies de l’Information), itself approved by the ANSSI. This certification is delivered for a specific product version. All subsequent versions of the product must therefore be re-certified. CSPN… Read More >>