Identity Manager is an integrated solution for managing identities and security entitlements across systems and applications. It ensures that users are granted access quickly, that entitlements are appropriate to business need and that access is revoked once no longer needed.
Identity Manager implements the following business processes to drive changes to identities and entitlements on systems and applications:
- Automation: grant or revoke access based on changes in trusted data (typically HR).
- Requests: users request changes to identity data or access rights -- for themselves or for peers.
- Certification: stake-holders review the status and access rights of other users, to identify access which is no longer business-appropriate.
- Workflow: users are invited to approve requests, implement approved changes or perform access reviews.
- Analytics: examine trends, access rights, data consistency and policy compliance to identify and remediate problems.
Users have too many login IDs. A typical user in a large organization may sign into 10 to 20 internal systems. This complexity creates real business problems:
- Redundant and expensive onboarding processes.
- Slow and unreliable access deactivation.
- Users with inappropriate security entitlements, who may be able to intentionally or accidentally harm the organization.
These problems lead to high IT support costs, poor user service and security vulnerabilities, in some cases violating regulatory requirements.
Identity Manager manages the lifecycles of identities and entitlements. It includes:
- Automatically granting and revoking access, after detecting changes on systems of record.
- A web portal for access requests and certification.
- A workflow engine to invite people to approve requests, review access or complete tasks.
- Policy enforcement related to SoD, RBAC, risk scores, privacy protection and more.
- Reports, dashboards and analytics.
Identity Manager includes connectors to manage users and entitlements on over 120 kinds of systems and applications, on-premises and in the cloud.
These capabilities are accessed via a web portal, compatible with both full-screen browsers (PC, tablet) and smart-phones (via mobile app).