IT OT Convergence

IAM

2 min read

What is IAM?

IAM stands for Identity and Access Management. It is the combination of processes, technologies and policies that ensures the right people, at the right time, gain access to the right resources — and no more than that.

IAM controls who you are, what you may do, and how that access is monitored, audited and revoked.

IAM is essential for Cybersecurity, Compliance and secure collaboration in both IT and OT environments.

🎯 Goals of IAM

  • Manage access rights to systems, networks, applications and devices
  • Provide secure authentication and authorisation
  • Centralise identity management (users, roles, permissions)
  • Log, audit and report access for compliance (e.g. ISO 27001, NIS2)
  • Reduce insider threats and misuse

🔧 What does IAM include?

Component Description
Identity management Managing user accounts, roles, certificates
Authentication Verifying who you are (password, MFA, biometrics)
Authorisation Determining what you may do (via RBAC, ABAC, or policies)
Provisioning Creating accounts and permissions during onboarding
Deprovisioning Removing access on departure or role change
Access reviews Periodically reviewing whether access rights are still appropriate
Federated identity Access via external identities (e.g. Azure AD, SSO, SAML)
Privileged Access Management (PAM) Additional protection for admin/management accounts

🔐 IAM in OT environments

IAM plays an increasingly important role in OT networks, including for:

  • Remote Access to PLC, SCADA, HMI
  • Distinct permissions for operators, engineers, maintenance, suppliers
  • RBAC on equipment, software and network segments
  • Centralised logins via Jump Servers or bastion hosts
  • Time-based access (e.g. weekdays only, between 9 am and 5 pm)

🛠 Common IAM solutions

  • Microsoft Entra ID (formerly Azure AD)
  • Okta
  • Ping Identity
  • OneLogin
  • ForgeRock
  • CyberArk (for PAM)
  • Keycloak (open source)
  • OT-specific: Tenable Identity, Claroty Secure Remote Access

✅ Benefits of IAM

  • Stronger security against data breaches and misuse
  • Faster onboarding/offboarding of staff
  • Lower management overhead through automation
  • Traceability of who does what and when
  • Support for audit, CMDB, and SOAR integration

📌 In summary

IAM ensures that users gain access to systems, data and applications in a secure, controlled and traceable way — essential for any modern, secure (manufacturing) organisation.

Graph View

Backlinks