Unified access management

Unified access management (UAM) refers to an identity management solution that is used by enterprises to manage digital identities and provide secure access to users across multiple devices and applications, both cloud and on-premise. Unified access management solutions provide a single platform from which IT can manage access across a diverse set of users, devices, and applications, whether on-premise or in the cloud.

Unified access management (UAM) is an evolution of identity and access management (IAM) systems. The goal of unified access management is similar to that of identity and access management: manage the identities of individual entities (people, devices, and so on) and their authentication and authorization (roles and privileges) within and across enterprise systems in a secure manner that bolsters productivity.

Identity and access management
Traditional identity and access management tools work well in addressing specific portions of the enterprise (specific app environments, as in on-premises or cloud; or for specific users, as in employees vs. external partners) on their own. However, many businesses must harness multiple IAM solutions. For example, they may use Microsoft Active Directory and a Web access management tool to manage access to on-premise applications, but require Identity-as-a-Service (IDaaS) solutions to manage access for cloud Software as a Service (SaaS) apps.

Managing multiple identities and access management systems is a burden for Information Technology (IT) departments. It adds to cost by requiring maintenance of multiple solutions and often requires that users are provisioned and de-provisioned in multiple systems. This is because a given IAM system may only manage access from specific devices and for specific systems.

With fragmented identity management, the enterprise may not be able to provide true single sign on, multi-factor authentication, or effective user lifecycle management, slowing down digital transformation. This has a significant, financial impact.

Forrester found a $4.47 million annual loss of productivity due to poor access management per every 10,000 employees. Hybrid IT environments complicate access management, but many organizations are not able to dispense with on-premises systems. For example, in 2018 47% of IT decision makers surveyed reported that the majority of their organization’s custom applications still run on-premises.

The extensive cost of moving legacy systems means organizations are likely to remain hybrid for some time.

History
UAM was introduced by OneLogin.

Unified access management versus identity access management
UAM differs from IAM by providing an umbrella solution. A central, cloud directory is the single source of truth for identities and access. The cloud directory integrates with on-premise identity providers or cloud identity providers. It requests information from the identity providers and updates them, so that IT can do all user lifecycle management work in one place (the cloud directory) and let the UAM update appropriate identity providers.

UAM provides other functionality needed to secure access across users and devices. Typically, this includes:
 * Single sign-on
 * Multi-factor authentication and advanced adaptive authentication
 * User provisioning and de-provisioning
 * Role-based access control and flexible security policies with enforcement
 * An SSO portal that supports a broad range of cloud applications, typically using protocols such as Security Assertion Markup Language (SAML)
 * Tools to integrate on-premises software into the unified access management system
 * Support for laptops and desktops to provide single sign-on access by logging into the machine
 * Full mobile support
 * Rich reporting and intelligence about access and events