Ascent InfoSec Identity and Access Management (IAM) is a managed service that enables organizations to control user access to enterprise resources including applications, databases, and networks. The service covers the full lifecycle of user identity management — from provisioning and deprovisioning to authentication and authorization. Access control is enforced through Role-Based Access Control (RBAC), where users are assigned roles based on job function and access is granted automatically according to defined policies. Core functionalities include: - User identity management: creation, modification, and deletion of user accounts, with optional directory synchronization - Provisioning and deprovisioning: granting and revoking access by role, department, or grouping to reduce risks from ex-employee access - Authentication: verifying user identity via Multi-Factor Authentication (MFA) and adaptive authentication methods that factor in contextual signals such as location, time of day, IP address, and device type - Authorization: ensuring users receive the exact level of access they are entitled to - Single Sign-On (SSO): allowing users to authenticate once and access multiple resources - Reporting: generating audit logs of login events, system access, and authentication types for compliance purposes The service also covers Identity as a Service (IDaaS), offering cloud-delivered identity management that reduces on-premises infrastructure requirements. IAM capabilities extend to on-premises and cloud environments and support access for external users including customers, partners, contractors, and suppliers across mobile, on-premises, and SaaS applications.