The IDSA Integration Framework, jointly created by alliance members, defines the capabilities and technologies that help organizations implement comprehensive, next generation solutions that securely place identity at the center of security.  The framework provides the high-level integration points giving customers and prospects a jump start on green field projects, as well as transforming existing infrastructure.
 

The framework can be used to determine gaps that might exist in an existing security environment and act as a high-level blueprint for establishing an integration roadmap that solves real-world problems and strengthens your security posture.

The framework components are defined below.  The IDSA use cases represent the various methods by which the identity data and access control points defined can intersect with other cyber security components to establish an identity centric approach to security.

 

IDSA Component

Description

  Access Management Provides the authentication and authorization mechanisms (single sign-on, multi-factor, step-up) ensuring appropriate security levels are enforced.

Identity & Access Management

Identity Governance Facilitates the management of a user’s identity as it pertains to access, authorization and adherence to compliance requirements.
  Identity Administration Enables self service access request, password management, profile management and user lifecycle management.

 

Security Information & Event Management (SIEM) Enables bi-directional sharing of data for better visibility and intelligent decision making.

Security Operations

User Entity & Behavior Analytics (UEBA) Behavior-based security intelligence to detect and assess risky activity on the network and alter authentication processes in response.
  Service Management Provides a tracking mechanism to capture potential security considerations that warrant additional analysis.
  Fraud & Risk Utilizes machine learning to find and prevent fraud, as well as the ability to correlate security incidents from disparate sources and ensure compliance with corporate and industry regulations.

 

Privileged Access Management (PAM) Provides enhanced visibility and adaptive threat response to attacks, with an emphasis on detecting abnormal authentication activity with privileged accounts.

Risk Management

Governance Risk & Compliance (GRC) Provides visibility to potential security risks and allows organization an enforcement mechanism to remediate issues.
  Network Security (NetSec) Facilitates communication across private and public cloud infrastructures for the purposes of providing a single layer of application security.

 

Data Access Governance (DAG) The discovery and protection of sensitive data across the enterprise and manages the process of how users are granted access to this data.

Data Protection

Enterprise Mobility Management (EMM) Allows the registration of mobile devices to safely leverage SSO for access to cloud and native apps. In addition, the chain of trust associated with a registered device exposes device attributes and compliance rules.
  Data Loss Protection (DLP) Prevention of the distribution of sensitive data by utilizing sufficient risk based definitions to determine the appropriate level of assurance.
  Cloud Access Security Broker (CASB) Utilizes the deep analysis capabilities to provide risk based analytics to identify compromised credentials and potential risks that can then be used in authentication decisions.