The British Academy for Training and Development presents the IT Systems: Identity and Access Management Training Course. It provides professionals with the knowledge and skills necessary for managing identity systems and secure access throughout the enterprise information technology environments. Essential topics include the identity management basics and best practices in access governance, and authentication mechanisms, among many others. Attendees will learn about fundamental components of an access control system like provisioning, role-based access control (RBAC), and single sign-on (SSO) technologies. This training brings in multi-factor authentication (MFA) integration and directory service management, including LDAP and Active Directory.

Among other subjects including access audits and compliance requirements as well as risk management, various techniques for safeguarding sensitive information from unauthorised access will include encryption and secure communication protocols. Thus, at the end of this training, attendees will have comprehensive literacy on identity lifecycle management, user authentication, and security risk mitigation due to unauthorised access.

This course is appropriate for IT professionals seeking to broaden their expertise on identity and access management for the integrity and security of the organisation's IT systems.

Objective:

Key objectives of this course are:

Offer attendees with a knowledge base on identity management and access control principles.Gain knowledge about authentication methods, including multi-factor authentication (MFA) and single sign-on (SSO).Practical approaches for user provisioning and role-based access control (RBAC) will be taught.Ensure an understanding of identity lifecycle management and secure communication protocols.Prepare attendees to implement and manage effective identity and access management (IAM) solutions.Concentrate on compliance requirements and risk management that aim to prevent unauthorised access and breaches of security.Illustrate the identity and access management architecture framework and discuss the security risks associated with its various deployment optionsDiscuss the different mechanisms for establishing strong authentication (e.g. OTP, certificate based authentication, device authentication, etc)Who Should Attend?

This course is ideal for:

IT professionals and system administrators managing access controls.Security analysts aiming to boost their cybersecurity knowledge.Professionals operating in compliance, identity management, and access governance.Those looking for a career path in identity and access management (IAM).Individuals who want to become even better experts in overseeing user access to critical systems and data.How Attendees Will Benefit:

At the end of the course attendees will gain many benefits:

Advanced Knowledge: Confirm and really develop understanding of identity and access management (IAM) issues and practices.Practical Skills: Learn to implement and administer access control systems that include role-based access control (RBAC), single sign-on (SSO), and multi-factor authentication (MFA).Security Knowledge: Involve skilling in securing sensitive systems and data by authentication, access governance, and compliance methodologies.Risk Reduction: Learn to identify and handle the security risks of unauthorised access to build up the entire security posture of the IT infrastructure.Career Growth Factor: Enhance professional development by breaking grounds in an important area of cybersecurity; on one hand, this will be instrumental in pursuing advanced jobs in IAM and security management.Hands-on Training: Obtain a hands-on experience of identity management tools and directory services like LDAP and Active Directory.Compliance Knowledge: Understand how to comply with industry standards pertaining to access audits and security protocols.Problem Scenario Solutions: Learn the approach to addressing complex organisational identity lifecycle management and access control problems.

• Introduction and principles of information security:

• Identity and access management (IAM) overview

• Attributes of information security:

• Confidentiality

• Integrity

• Availability

• Non-repudiation

• Accountability

• Auditability

• Symmetric and asymmetric cryptography

• Hashing and digital signature

• Key management

• Public Key Infrastructure (PKI)

• Architecture: certification and registration authority

• Life cycle management

• Types of certificates and usage patterns:

• Encryption

• Digital signature

• Client certificate

• SSL server certificate

• Attribute based certificate

• Case studies (e.g. email protection, mobile banking, and document signing)

• Identification and authentication

• Identification, verification and authentication overview

• Mechanisms of identification and authentication:

• One time password

• Biometric

• Digital signature

• Smartcard

• Soft/hard tokens

• Mobile device

• Risk based authentication

• Step-up authentication

• Single-sign on and federated single-sign-on

• OATH, OpenID, BorwserID, and SAML

• Architecture framework and industrial tools

• Trusted computing role in identity assurance

• Security risks associated with the discussed mechanisms

• Access control

• Principles of authorization

• Access control schemes

• OAuth protocol

• Enterprise rights management and digital rights management

• Privileged account management

• Governance and compliance

• IAM framework and use cases

• IAM architecture framework

• IAM echo system

• IAM and cloud computing

• Illustrative use cases:

• Border control

• E-passport

• National ID

• E-banking

• E-health system

• EMV scheme