Hitachi ID Systems offers a series of reference implementations of Hitachi ID Identity and Access Management Suite, branded as Hitachi ID Identity Express to its customers and partners.
The objective of a reference implementation is to minimize the time, cost and risk associated with IAM system deployment. Instead of spending months with consultants to document existing processes, adjust them and then implement automation on a "clean slate" system, Hitachi ID Systems recommends discarding old, inefficient processes, adopting best practices and implementing a full set of IAM processes in just a few days. Reference implementations can reduce the total cost of initial IAM deployment by 80% to 90%.
The idea of a reference implementation is not to suggest that every IAM deployment can be the same. That's one end of a spectrum -- 100% standardized. The other end of the spectrum -- 100% custom, is also unnecessary. Instead, reference implementations apply to classes of organizations, which have near-identical requirements and would benefit from a shared implementation.
Hitachi ID Systems has identified a number of such patterns, including:
- Corporate-style IAM (Corp) to manage the access of employees and contractors.
- Partner portal IAM (B2B), to delegate administration of users to administrators in each organization.
- Higher education IAM, to manage the access of students, faculty, staff and alumni.
- Healthcare delivery IAM, to manage the access of doctors, nurses, clinicians, support and administrative staff in hospitals.
- Password management, for most organizations.
- Privileged access management, also for most organizations.
Doubtless there are other patterns, but the above set are an excellent start and fit the needs of most organizations.
Replacing legacy IAM processes with Identity Express has the following advantages over custom IAM implementations:
- Optimized IAM processes: The business processes codified
in Identity Express have been optimized for fast service and
robust internal controls, improving on the legacy processes in
- Complete functionality: When implementing a custom IAM
system, organizations can only automate one or two processes at a time.
Most start with onboarding, deactivation or access reviews and
only later automate transfers, leaves of absence, name changes,
rehire detection, etc. In contrast, Identity Express allows organizations
to automate a comprehensive set of identity lifecycle processes
- Efficient implementation: By adopting a pre-configured set of processes and policies, organizations minimize deployment risk, reduce implementation cost and shorten time to value.
- IAM for Employees and Contractors:
Automate the life-cycles of employees and contractors in corporations and similar organizations.
- IAM for Partners:
Automate the life-cycles of partner users accessing a portal environment.
- Password Management:
Standardized and optimized implementation of enterprise password management.
- Privileged Access Management:
Standardized and optimized implementation of password randomization, vaulting, account access control, session monitoring and more.