IAM

Identity Governance & Administration

;

IAM: Identity Governance & Administration

Identity & Access Manager (IAM) is a complete Identity Governance & Administration Solution. IAM provides timely, standardized, and easy management of user accounts and access rights on the network while maintaining full compliance with laws and regulations in the areas of HIPAA, SOX and many more.

The functionality in IAM is offered through different modules; namely User Provisioning, Workflow Management & Self-Service, Helpdesk Delegation, Access Governance and Downstream Provisioning. Read more below about these modules.

User Provisioning (SRC)

User Provisioning (SRC)

Information in an HR system is an excellent source for managing user accounts in the network, and for Identity Management. Our User Provisioning software creates a connection between the HR system and the user accounts in the network (for example Active Directory). With IAM the entire intake, progression, and outflow process is automated. Changes are implemented quickly, faultlessly and efficiently.

;

Automating the user account management process

The personal details of employees, such as their name and address details, contract starting and ending dates, department, position and cost centre, are all tracked accurately in the HR system. This makes the personnel system the ideal source for all changes involving user accounts.


With IAM User Provisioning software it's possible to synchronize user account information automatically between the HR system (for example SAP, PeopleSoft) and the network. A change in the HR system is detected by IAM and is then automatically implemented in the network using procedures.

Benefits of User Provisioning

Shorter lead time

Shorter lead time

New employees are assigned the correct rights in good time, and are productive from the very first day.

Faultless

Faultless

Changes are implemented immediately and faultlessly in the network, without any manual intervention.

Effectiveness improvement

Effectiveness and efficiency improvement

The concept of 'core registration' is introduced. The details are managed in one place in the organization, rather than by different departments.

Workflow Management (WFM)

Workflow Management (WFM)

With Workflow Management and Self-Service, employees and managers can request, check and approve facilities themselves without any intervention from the IT Department. For example an employee may request access to an application, a project disk or to view reports. The approval process is part of a structured workflow. The manager can authorize the request and with our Identity & Access Management software, it can be implemented immediately in the network.

;

Streamline all service provision processes

The organization itself often knows best how a user account and access rights should be managed. With the right software it's possible to involve the organization more in managing user accounts, and to put managers and employees at the core of the user management process.


IAM Identity & Access Management software supports a wide range of systems. This makes it possible not only to apply Workflow Management and Self-Service to user account management, but also to a variety of other service provisioning processes. Examples might be requesting physical access to a work area, applying for a smartphone or submitting a helpdesk call. Watch the video to learn more about IAM Workflow Management.

Benefits of Workflow Management & Self-Service

Timely

Timely

With an automated system the applicant himself has control over the moment of applying and the actual duration of the request.

Approval

Approval

IAM has an integrated authorization mechanism with the log-in account of the manager. In this way, IAM always knows who submitted the request and, more importantly, that a manager has approved it.

Integration

Integration

The number of Self-Service portals is growing. It’s important to offer the end-user just one portal. IAM can be integrated seamlessly with other portals, so that the end-user does not become confused and enjoys a one-portal experience.

 Helpdesk Delegation (HD)

Helpdesk Delegation (HD)

Traditionally, managing user accounts is performed by the helpdesk and functional application administrators. These are trained and skilled IT staff, and they need advanced rights (admin) to be able to perform their work. With the Helpdesk Delegation module in IAM, all user management tasks are recorded in IAM scenarios and are linked to web forms. After this has been set up, untrained and unskilled IT staff can perform the user account management without advanced admin rights. Every change is also performed and recorded in the same way in an audit log. 

;

Work of second-line and third-line performed by the first-line

Using Helpdesk Delegation, less-skilled IT staff can safely perform a range of management tasks, such as creating accounts, processing them, removing them, and resetting passwords, without needing any explicit IT knowledge.

Thanks to the approach using a standardized questionnaire, an experienced consultant and a library with hundreds of scenarios, Tools4ever is able to deliver a working environment in just three days, with which unskilled IT staff will be able to perform user management immediately.

Benefits of Helpdesk Delegation

Improved security

Improved security

The IT staff do not need any admin rights in order to perform user account management tasks.

Enhanced staff productivity

Enhanced staff productivity

Changes can be performed by all employees rather than only by trained, skilled IT staff.

Faster auditing

Faster and more complete auditing

Modifications are standardized so that mistakes can be prevented.

Access Governance (AG)

Access Governance (AG)

Access Governance (also known as Role Based Access Control, RBAC) supports the management of employee access rights for applications and data. Access Governance replaces the copy-user, spreadsheets, user template and other types of manual, imperfect and error-prone access management. With Access Governance, access rights are recorded in a universally-manageable model. Access rights for an employee are issued, changed and withdrawn through the model. Access Governance offers a variety of methods to build the model (mining), to manage it (workflow requests and approvals) and to keep it unpolluted (attestation and reconsolidation).

;

Structured and phased authorization management

Our AG software ensures that employees maintain the correct authorizations appropriate to their roles. Based on the employee's role, an authorization matrix is used to determine the resources to which the employee has access, (for example being able to perform certain transactions, access to a system or part of it, and access to specific physical locations.

It starts with the current maturity level, after which the desired requirements are implemented. The goal is to create an authorization matrix which is as complete as possible, taking all the available AG information into account. In this way your organization can set up phased authorization management without any major organizational effort.

Watch the video to learn more about Access Governance.

Benefits of Access Governance

Security

Security

Structuring the authorization management guarantees that employees have the correct access rights. Not too few (productivity losses) and not too many (copy-user and rights accumulation).

Compliance

Compliance

Structured management and monitoring of rights makes it possible to show that authorization management is under control (NEN, ISO, SOX, BIG). Employees also acquire the right authorizations immediately and easily.

Cost savings

Cost savings

By managing efficiently cost can be saved. Indirect costs are saved because fewer incidents occur and unnecessary licensing fees are avoided.

Downstream Provisioning (APPL)

Downstream Provisioning (APPL)

Achieving an automatic connection other than Active Directory, Exchange, and NTFS for managing user accounts in other systems and applications is a subsequent step. In the downstream provisioning phase, the notification emails which are normally sent to application administrators are replaced by automatic application connections. By default IAM has a large set of connectors for managing user accounts (authentication) and rights (authorizations) in systems and applications.

;

IAM links all the systems in your network

IAM Identity & Access Management software is delivered with a large number of default connectors. These connectors have been developed by us and are maintained as part of the maintenance contract.

IAM has around 150 standard connectors for various systems and applications containing user accounts information. These include operating systems, helpdesk systems, HR systems, student information systems, directories, databases, telephone systems, ERP systems, and a host of other systems.

Benefits of Downstream Provisioning

Timely

Short user accounts lead time

New employees have the proper authorizations to the network and adjacent systems and applications.

Reduce

Reduces the management burden for applications

Application Engineers are less burdened with processing the changes of user accounts.

Manage user accounts

Manage user accounts unequivocally

The process around managing user accounts is deployed at the same, uniform manner for all systems and applications in the network.