You keep using that word...

You keep using that word...

Authorization and Authentication are often mixed up in the world of cybersecurity. Solutions that handle Access Management are often confused with Identity and Access Management tools. It totally makes sense because they kinda do the same thing but.... they don't.

Authentication is the process of verifying the identity of a user (think usernames, passwords and accounts)

Authorization is giving access to things based on the authenticated identity.

To be honest you could use either of these to control who has access to what system. When put together you can now get better understanding of what accounts exist, what they have access to and you now have a clearer understanding of what is going on.

To view or add a comment, sign in

More articles by Octavio Lopez, CISSP

  • Hey! Who Moved My Cheese?

    Hey! Who Moved My Cheese?

    Have you ever read the short story "who moved my cheese"? Hem, Haw, Sniff and Scurry? I Thought about this in…

    1 Comment
  • Identity Management? You mean Active Directory right?

    Identity Management? You mean Active Directory right?

    Before getting into the world of Identity and Access Management I used to be a Windows and Linux Administrator. I knew…

    2 Comments

Insights from the community

Others also viewed

Explore topics