The objective of Identity Express is to minimize the time,
cost and risk of identity and access management (IAM) system deployment. Instead of
spending months with consultants to document existing processes,
adjust them and then implement automation on a "clean slate" system,
Hitachi ID recommends discarding old, inefficient processes, adopting
best practices and implementing a full set of IAM processes in just
a few days. Identity Express can reduce the total cost of
IAM system deployment by 80% to 90%.

Identity Express does not limit the functionality deployed by organizations.
Rather, an organization starts with Identity Express to achieve positive
results quickly and then prioritizes which product features and
integrations not yet incorporated into the Identity Express
configuration to deploy next.

Hitachi ID Identity Express: Privileged Access Edition is a set of pre-defined policies and business rules
built around Hitachi ID Privileged Access Manager, designed to simplify control over access to
privileged accounts and security groups across a variety of systems.

Identity Express: Privileged Access Edition incorporates two major components:

- Policy rules that determine:
  - What privileged accounts and groups are visible to requesters.
  - Whether access is pre-authorized or requires workflow approval.
  - Who has the responsibility to approve one-time access.
  - What disclosure mechanisms to offer users who have checked out
    access.
  - Whether to record user activity and what data streams to capture.
  - How to assign risk to access requests.
- A delegated, team-based model for onboarding systems and accounts
  and for controlling visibility, pre-authorized access, approval
  workflows, disclosure methods and session monitoring.

Replacing legacy PAM processes with Identity Express
has the following advantages over custom PAM implementations:

- Optimized PAM processes: Users who should
  have anytime/anywhere access to privileged accounts and
  groups get it.
- Risk calculation: Access requests can be readily
  tied to a risk assessment, reducing the impact of compromised
  personal credentials, infected endpoint devices or malicious
  (but authorized) users.
- Delegated model: Places the responsibility for
  onboarding and management of systems and accounts with
  system administrators and application owners, rather than
  a central PAM team.
- Complete functionality: A full feature set, including
  delegated administration, workflow approvals, single sign-on
  and session monitoring, is activated out of the gate, rather
  than over a lengthy deployment.
- Efficient implementation: By adopting a pre-configured
  set of processes and policies, organizations minimize deployment
  risk, reduce implementation cost and shorten time to value.