Introduction
Hitachi ID Systems offers multiple editions of Hitachi ID Identity Express -- each of which is a reference implementation of the Hitachi ID Identity and Access Management Suite for a specific type of organization and feature set.
The objective of Identity Express is to minimize the time, cost and risk of Identity and access management (IAM) system deployment. Instead of spending months with consultants to document existing processes, adjust them and then implement automation on a "clean slate" system, Hitachi ID recommends discarding old, inefficient processes, adopting best practices and implementing a full set of IAM processes in just a few days. Identity Express can reduce the total cost of IAM system deployment by 80% to 90%.
Identity Express does not limit the functionality deployed by organizations. Rather, an organization starts with Identity Express to achieve positive results quickly and then prioritizes what product features and integrations, which may not yet be incorporated into Identity Express configuration, to deploy next.
Hitachi ID Identity Express: Privileged Access Edition is a set of pre-defined policies and business rules built around Hitachi ID Privileged Access Manager, designed to simplify control over access to privileged accounts and security groups across a variety of systems.
Identity Express: Privileged Access Edition incorporates two major components:
- Policy rules that determine:
- What privileged accounts and groups are visible to requesters.
- Whether access is auto-approved or requires workflow approval.
- Who has the responsibility to approve one-time access.
- What disclosure mechanisms to offer users who have checked out access.
- Whether to record user activity and what data streams to capture.
- How to assign risk to access requests.
- A delegated, team-based model for onboarding systems and accounts and for controlling visibility, pre-authorized access, approval workflows, disclosure methods and session monitoring.
Replacing legacy PAM processes with Identity Express has the following advantages over custom PAM implementations:
- Optimized PAM processes: Users who should
have anytime/anywhere access to privileged accounts and
groups get it.
- Risk calculation: Access requests can be readily
tied to a risk assessment, reducing the impact of compromised
personal credentials, infected endpoint devices or malicious
(but authorized) users.
- Delegated model: Places the responsibility for
onboarding and management of systems and accounts with
system administrators and application owners, rather than
a central PAM team.
- Complete functionality: A full feature set, including
delegated administration, workflow approvals, single sign-on
and session monitoring is activated out of the gate, rather
than over a lengthy deployment.
- Efficient implementation: By adopting a pre-configured set of processes and policies, organizations minimize deployment risk, reduce implementation cost and shorten time to value.
