Identity management and access governance refers to a set of technologies
and processes used to coherently manage information about users in an
organization, despite the fact that identity data may be scattered
across organizational, geographical and application boundaries.

Identity management and access governance addresses a basic business problem:
information about the identity of employees, contractors, customers,
partners and vendors along with how those users authenticate and
what they can access is distributed among too many systems and is
consequently difficult to manage.

The Hitachi ID Identity and Access Management Suite is designed as
identity management and access governance middleware,
in the sense that it presents a uniform user interface and a
consolidated set of business processes to manage user objects,
identity attributes, security rights and credentials
across multiple systems and platforms. This is illustrated in
the figure "Hitachi ID Suite Overview: Identity Middleware".

The Hitachi ID Suite includes several functional identity management and access
- Hitachi ID Identity Manager: User provisioning, RBAC, SoD and access certification.
  - Automated propagation of changes to user profiles, from systems
    of record to target systems.
  - Workflow, to validate, authorize and log all security change requests.
  - Automated, self-service and policy-driven user and entitlement management.
  - Federated user administration, through a SOAP API to a
    user provisioning fulfillment engine.
  - Consolidated access reporting.

Identity Manager includes the following additional features, at no extra charge:
- Hitachi ID Access Certifier: Periodic review and cleanup of security entitlements.
  - Delegated audits of user entitlements, with certification by
    individual managers and application owners, roll-up of
    results to top management and cleanup of rejected security
- Hitachi ID Group Manager: Self-service management of security group membership.
  - Self-service and delegated management of user
    membership in Active Directory groups.
- Hitachi ID Org Manager: Delegated construction and maintenance of Orgchart data.
  - Self-service construction and maintenance of data about
    lines of reporting in an organization.

- Hitachi ID Password Manager: Self-service management of passwords, PINs and encryption keys.
  - Password synchronization.
  - Self-service and assisted password reset.
  - Enrollment and management of other authentication
    factors, including security questions, hardware tokens,
    biometric samples and PKI certificates.

Password Manager includes the following additional features, at no extra charge:
- Hitachi ID Login Manager: Automated application logins.
  - Automatically sign users into systems and applications.
  - Eliminate the need to build and maintain a credential
    repository, using a combination of password synchronization
    and artificial intelligence.
- Hitachi ID Telephone Password Manager: Telephone self-service for passwords and tokens.
  - Turn-key telephony-enabled password reset, including
    account unlock and RSA SecurID token management.
  - Numeric challenge/response or voice print authentication.
  - Support for multiple languages.

- Hitachi ID Privileged Access Manager: Secure administrator and service accounts.
  - Periodically randomize privileged passwords.
  - Ensure that IT staff access to privileged accounts is
    authenticated, authorized and logged.

Group Manager is available both as a stand-alone product and
as a component of Identity Manager.

The relationships between the Hitachi ID Suite components are illustrated in
the figure "Components of the Hitachi ID Suite".