12 Identity Management Books Every IAM Pro Should Read

The Best Selling Books for Identity and Access ManagementIdentity management is a fundamental part of organizational information security, yet too many businesses still rely on username and password combinations, the simplest, oldest form of authentication, to do the job.

Time and time again, that method has been proven dangerously insecure and many times an organization’s failure to modernize Identity and access management (IAM) tech and practices results in a spectacular public failure, a crisis of confidence, and a class action lawsuit.

For those information security professionals trying to push their organization into the modern era of IAM, it can be difficult to know where to start. IT workers, CIOs, and CISOs looking for new IAM, Identity Governance Administration (IGA) or Identity Management as a service (IDaaS)  solutions need a comprehensive overview in order to correctly plan, assess and deploy the right solutions for their organization.

There are loads of free resources available online (such as Solutions Review’s best practices articles, solutions directories, and buyer’s guides), and those resources are often high quality, but sometimes it’s best to do things the old fashioned way—there are few resources that can match the in-depth, comprehensive detail of a good book. And as an added bonus, on paper there are no pop-up notifications to distract you.

With that in mind, we’ve compiled a list of the twelve best identity management books available on Amazon today, listed in no particular order.

Please note that several of these books have been in print for years and may not be up-to-date on the current range of solutions on the market. However, despite their age these books still function well as high-altitude introductions to concepts and ideas that professionals building IAM plans need to be familiar with.

Identity and Access Management: Business Performance Through Connected Intelligence

Author(s): Ertem Osmanoglu

Published: 2013

As Partner and Principle in the Information Technology Advisory Services practice at multinational professional services firm Ernst and Young, and the leader of  the IAM practice at E&Y, author Ertem Osmanoglu is well qualified to write a book on IAM. He’s put those qualifications, along with 18 years of experience in IT, to work in this textbook, which focuses on real-world implementations of IAM solutions, and provide’s a step-by-step method for deploying IAM. The book also includes a companion website with source code examples in several languages.

Identity Management: A Primer

Author(s): Gram Williamson, David Yip, Ilan Sharoni, and Kent Spaulding

Published: 2009

This book may be six years old, but the team of authors (made up of IAM consultants and tech CEOs) writing on key issues of IAM and strategies and preventative measures still holds up today. This book provides strategies for implementing IAM best practices and solutions and breaks down different kinds of solutions (such as single sign-ons and role-based access controls) for the reader.

Identity and Access Management: Simple Steps to Win, Insights and Opportunities for Maxing out Success

Author(s): Gerard Blokdijk

Published: 2015

This book by Gerard Blokdijk, author of 300  service, management, and IT bestsellers around the world, is packed with ready to use insights for identity management success. Based on Blokdijk’s extensive research, this book reveals the best practices of the most successful Identity and Access Management initiatives.

CISSP Certified Information System Security Professionals Official Study Guide (7th Edition)

Author(s): James M. Stewart, Mike Chapple, Darril Gibson

Published: 2015

The seventh edition of the Official Certified Information Systems Securty Professional (CISSP) Study Guide covers 100% of exam 2015 CISSP (ISC)2 candidate information bulletin objectives including, Access Control, Application Development Security, Business Continuity and Disaster Recovery Planning, Cryptography and much more.

Focus on IAM (Identity and Access Management)

Author(s): Kiran Kumar Pabbath

Published: 2014

This book is a good resource for building a general knowledge of IAM technology and terminology and is not focused on any specific IAM tool or product. Pabbath provides deep-delving information on Identity Management with respect to process, technology, best practices, checklists, and general methodology.

Identity & Access Management: A Systems Engineering Approach

Author(s): Peter Omondi Orondo PhD

Published: 2014

This book is specifically designed to be accessible to the general IT practitioner, perfect for those of your just getting involved in information security. With this goal in mind, author Peter Omondi Orondo teases out the basic concepts of IAM in a way that anyone with some college education will be able to understand.

Identity Management: Concepts, Technologies, and Systems

Author(s): Elisa Bertino, Kenji Takahashi

Published: 2011

A practical resource offering an in-depth understanding of how IAM solutions are designed, deployed and assessed. Bertino and Takahashi provide a comprehensive overview of current trends and future directions in identity management in this well-organized guide to IAM.

Management of Information Security (3rd Edition)

Author(s): Michael E. Whitman, Herbert J. Mattord

Published: 2010

This book is focused on the managerial aspects of information security— the access control models, information security governance, and information security program assessment and metrics that make up the macro-view of Identity Management. With coverage on the foundational and technical components of information security, authors Michael Whitman and Herbert Mattord provided a strong basis for building an understanding of IAM best practices.

Digital Identity and Access Management: Technologies and Frameworks

Author(s):Raj Sharman

Published: 2011

This book helps researchers and practitioners in digital identity management generate innovative answers to an assortment of problems, as system managers are faced with major organizational, economic and market changes.

 Digital Identity 

Author(s): Phillip J. Windley

Published: 2008

One of the oldest identity management books, Digital Identity was written nearly ten years ago by Phil Windley is the Founder and Chief Technology Officer of Kynetx, details what is commonly known as “identity management architecture” (IMA): a method to provide ample protection while giving good guys access to vital information and systems. While the acronym IMA may have fallen out of favor, many of the main ideas presented in this book are as strong and viable today as they were in 2008.

Digital Identity Managment (1st Edition)

Author(s): Maryline Laurent, Samia Bouzefrane

Published: 2015

This book describes the different technical and legal approaches to protect digital identities with a focus on authentication systems, identity federation techniques, and privacy preservation solutions.

Blue Team Handbook: Incident Response Edition

Author(s): Don Murdoch

Published: 2014

The Blue Team Handbook is a zero fluff reference guide for cyber security incident responders and InfoSec pros alike. The book is peppered with practical real life techniques from the authors extensive career working in academia and a corporate setting.

And watch this for the 10 Best Resources for Evaluating IAM solutions:

Jeff Edwards
Follow Jeff

One thought on “12 Identity Management Books Every IAM Pro Should Read”

Comments are closed.