Infosec glossary

Identity Security

Every user, service, workload, device, and automated process may have an identity with access to systems or data. Identity security covers the controls used to establish those identities, limit their permissions, detect misuse, and respond to compromise. It applies to human and non-human identities.

Market category 6 min read By Infosec Writing Studio editorial team
01

Identity security covers access before and after login

Authentication is one part of identity security. Authorization policies, entitlements, session controls, privileged access, and identity lifecycle processes determine what happens after an identity signs in or a workload receives a credential.

Monitoring adds another layer by looking for credential theft, unusual privilege use, impossible access patterns, and other signs of compromise. Response may include revoking sessions, disabling accounts, rotating credentials, or reducing permissions.

02

Human and non-human identities require different controls

Human identities include employees, contractors, partners, customers, and administrators. Non-human identities include service accounts, workloads, applications, devices, scripts, and automated agents. Each group has different credential lifetimes, authentication methods, and patterns of use.

Non-human identities can scale quickly and may operate without direct human review. Their security depends on inventory, ownership, short-lived credentials where practical, scoped permissions, rotation, and activity monitoring.

  • Authentication and credential protection
  • Authorization and least privilege
  • Identity lifecycle and access reviews
  • Identity threat detection and response
03

Identity security and IAM overlap but are not identical

Identity and access management provides processes and systems for creating identities, authenticating them, and granting access. Identity security uses many IAM controls but also includes threat detection, credential protection, privilege risk, exposure analysis, and incident response.

Privileged access management, identity governance, multifactor authentication, and identity threat detection are related disciplines. They address different parts of the identity lifecycle and may operate as separate or connected systems.