
IAM System

Identity management and access governance is defined as a shared platform and consistent processes for managing information about users: who they are, how they are authenticated and what they can access.

Identity and access management (IAM) systems address a set of core business challenges:

The Hitachi ID Identity and Access Management Suite is designed as identity management and access governance middleware, in the sense that it presents a uniform user interface and a consolidated set of business processes to manage user objects, identity attributes, security rights and credentials across multiple systems and platforms. This is illustrated in Figure 1.

    Figure 1: Hitachi ID Suite Overview: Identity Middleware

The Hitachi ID Suite includes several functional identity management and access governance modules:

  • Hitachi ID Identity Manager -- User provisioning, RBAC, SoD and access certification.
    • Automated propagation of changes to user profiles, from systems of record to target systems.
    • Workflow, to validate, authorize and log all security change requests.
    • Automated, self-service and policy-driven user and entitlement management.
    • Federated user administration, through a SOAP API to a user provisioning fulfillment engine.
    • Consolidated access reporting.

    Identity Manager includes the following additional features, at no extra charge:

    • Hitachi ID Access Certifier -- Periodic review and cleanup of security entitlements.
      • Delegated audits of user entitlements, with certification by individual managers and application owners, roll-up of results to top management and cleanup of rejected security rights.

    • Hitachi ID Group Manager -- Self-service management of security group membership.
      • Self-service and delegated management of user membership in Active Directory groups.

    • Hitachi ID Org Manager -- Delegated construction and maintenance of Orgchart data.
      • Self-service construction and maintenance of data about lines of reporting in an organization.

  • Hitachi ID Password Manager -- Self-service management of passwords, PINs and encryption keys.
    • Password synchronization.
    • Self-service and assisted password reset.
    • Enrollment and management of other authentication factors, including security questions, hardware tokens, biometric samples and PKI certificates.

    Password Manager includes the following additional features, at no extra charge:

    • Hitachi ID Login Manager -- Automated application logins.
      • Automatically sign users into systems and applications.
      • Eliminate the need to build and maintain a credential repository, using a combination of password synchronization and artificial intelligence.

    • Hitachi ID Telephone Password Manager -- Telephone self-service for passwords and tokens.
      • Turn-key telephony-enabled password reset, including account unlock and RSA SecurID token management.
      • Numeric challenge/response or voice print authentication.
      • Support for multiple languages.

  • Hitachi ID Privileged Access Manager -- Secure administrator and service accounts.
    • Periodically randomize privileged passwords.
    • Ensure that IT staff access to privileged accounts is authenticated, authorized and logged.

  • Group Manager is available both as a stand-alone product and as a component of Identity Manager.

The relationships between the Hitachi ID Suite components are illustrated in Figure 2.

    Figure 2: Components of the Hitachi ID Suite
