Identity Management Software
Identity management software -- i.e., software that automates processes for managing just identities -- has been largely supplanted by identity and access management software -- i.e., software for managing identities and entitlements together.
The Hitachi ID Management Suite is designed as identity management and access governance middleware, in the sense that it presents a uniform user interface and a consolidated set of business processes to manage user objects, identity attributes, security rights and credentials across multiple systems and platforms. This is illustrated in Figure [link].
Management Suite Overview: Identity Middleware (1)
The Management Suite includes several functional identity management and access governance modules:
- Hitachi ID Identity Manager
-- User provisioning, RBAC, SoD and access certification.
- Automated propagation of changes to user profiles, from systems of record to target systems.
- Workflow, to validate, authorize and log all security change requests.
- Automated, self-service and policy-driven user and entitlement management.
- Federated user administration, through a SOAP API to a user provisioning fulfillment engine.
- Consolidated access reporting.
Identity Manager includes the following additional features, at no extra charge:
- Hitachi ID Access Certifier
-- Periodic review and cleanup of security entitlements.
- Delegated audits of user entitlements, with certification by individual managers and application owners, roll-up of results to top management and cleanup of rejected security rights.
- Hitachi ID Group Manager
-- Self-service management of security group membership.
- Self-service and delegated management of user membership in Active Directory groups.
- Hitachi ID Org Manager
-- Delegated construction and maintenance of Orgchart data.
- Self-service construction and maintenance of data about lines of reporting in an organization.
- Hitachi ID Password Manager
-- Self service management of passwords, PINs and encryption keys.
- Password synchronization.
- Self-service and assisted password reset.
- Enrollment and management of other authentication factors, including security questions, hardware tokens, biometric samples and PKI certificates.
Password Manager includes the following additional features, at no extra charge:
- Hitachi ID Login Manager
-- Automated application logins.
- Automatically sign users into systems and applications.
- Eliminate the need to build and maintain a credential repository, using a combination of password synchronization and artificial intelligence.
- Hitachi ID Telephone Password Manager
-- Telephone self-service for passwords and tokens.
- Turn-key telephony-enabled password reset, including account unlock and RSA SecurID token management.
- Numeric challenge/response or voice print authentication.
- Support for multiple languages.
- Hitachi ID Privileged Access Manager
-- Secure administrator and service accounts.
- Periodically randomize privileged passwords.
- Ensure that IT staff access to privileged accounts is authenticated, authorized and logged.
- Group Manager is available both as a stand-alone product and as a component of Identity Manager.
The relationships between the Management Suite components is illustrated in Figure [link].
Components of the Management Suite (2)