Identity Defined Security Alliance

Putting Identity at the Center of Security

2020 Identity Defined Security Framework Definitions - Draft

IDSA Framework
The Identity Defined Security framework provides practitioners with a set of fundamental building blocks along with blueprints and best practices that help achieve desired security outcomes to address the business need of their customers.

Identity Defined Security Outcome
An Identity Defined Security Outcome is a desired result that improves an organization’s security posture through identity-centric security and reduces the risk of a breach or failed audit.

Identity Defined Security Approach
Identity Defined Security Outcomes can be achieved through many different identity defined security implementation approaches. These approaches are well-defined patterns combining identity and security capabilities that help organizations leverage an identity context to improve security posture.

Best Practices
The foundation of an identity-centric approach to security is ideally a mature Identity and Access Management (IAM) program, but it’s not always sufficient in itself. A set of best practices defined by the IDSA focused on IAM fundamentals, serve as recommended hygiene tips related to the people, processes, as well as technology aspects of an IAM program. These hygiene tips can augment the foundation of an identity-centric approach to security.