Previous Next PDF

swipe to navigate

Hitachi ID Identity Manager enables automated, self-service and policy-driven management of users and entitlements with:

  • Automated updates driven by a system of record:

    Identity Manager monitors one or more systems of record (such as HR) and detect changes, such as new hires and terminations. It creates, modifies and deletes accounts and assigns or revokes entitlements on integrated systems to reflect these changes.

  • Request portal:

    Users sign into a Identity Manager web portal to request changes to their own or others' profiles. Changes may include updates to identity information, such as contact information or organizational affiliation, or changes to entitlements, such as requesting membership in groups or assignment of roles.

  • Workflow:

    An included workflow engine validates and completes requests submitted via the request portal, API or CLI. The workflow engine invites users to participate in processes, by approving requests, reviewing and certifying identities and entitlements or manually completing approved changes.

  • Access certification:

    Business stake-holders are periodically invited to review the users and security entitlements in their scope of authority. They either certify that each user or entitlement remains business-appropriate or flag it for removal.

  • Policy enforcement:

    Identity Manager enforces a variety of policies, including:

    • Role based access control, where security entitlements are grouped into roles, which are either automatically assigned to users or available for request and subsequent approval.
    • Segregation of duties, which defines mutually-exclusive sets of security entitlements.
    • Rules for the composition of unique identifiers, such as login IDs, e-mail addresses and more.
    • Privacy protection, limiting what one user can see of and request for another user.

  • Reports, dashboards and analytics:

    Identity Manager includes a many reports, dashboards and analytics, which answer questions about current and historical identities and entitlements, analyze workflow activity and trends, seek patterns in entitlements and roles and identify policy violations.

  • Automated connectors and human implementers:

    Identity Manager reads current-state information and automatically write updates to accounts on over 120 kinds of systems, including directories, on-premises and SaaS applications and various systems. Identity Manager also includes workflow processes to invite people to complete tasks, where automated integration is uneconomical or technically infeasible.

  • Unified management of logical access and physical assets:

    Identity Manager includes an inventory tracking system, used to track assets such as building access badges, tokens, etc. It automates the distribution and collection of such assets to/from authorized users.

  • Identity synchronization:

    Identity Manager merges and normalizes identity attributes from multiple sources to construct an internal meta directory. Changes are pushed out to integrated systems.

Previous Next PDF